Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fontforge-20201107~dfsg/Unicode/ArabicForms.c
Examining data/fontforge-20201107~dfsg/Unicode/char.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/alphabet.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/big5.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/big5hkscs.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/gb2312.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_1.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_10.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_11.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_13.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_14.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_15.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_2.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_3.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_4.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_5.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_6.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_7.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_8.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_9.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/jis.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/jis201.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/johab.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/ksc5601.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/mac.c
Examining data/fontforge-20201107~dfsg/Unicode/charset/win.c
Examining data/fontforge-20201107~dfsg/Unicode/combiners.h
Examining data/fontforge-20201107~dfsg/Unicode/dump.c
Examining data/fontforge-20201107~dfsg/Unicode/gwwiconv.c
Examining data/fontforge-20201107~dfsg/Unicode/is_Ligature.c
Examining data/fontforge-20201107~dfsg/Unicode/is_Ligature_data.h
Examining data/fontforge-20201107~dfsg/Unicode/makebuildtables.c
Examining data/fontforge-20201107~dfsg/Unicode/makeutype.c
Examining data/fontforge-20201107~dfsg/Unicode/memory.c
Examining data/fontforge-20201107~dfsg/Unicode/ucharmap.c
Examining data/fontforge-20201107~dfsg/Unicode/unialt.c
Examining data/fontforge-20201107~dfsg/Unicode/ustring.c
Examining data/fontforge-20201107~dfsg/Unicode/utype.c
Examining data/fontforge-20201107~dfsg/contrib/admintools/copyright.c
Examining data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c
Examining data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c
Examining data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c
Examining data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c
Examining data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp
Examining data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c
Examining data/fontforge-20201107~dfsg/contrib/fonttools/woff.c
Examining data/fontforge-20201107~dfsg/fontforge/PfEd.h
Examining data/fontforge-20201107~dfsg/fontforge/activeinui.c
Examining data/fontforge-20201107~dfsg/fontforge/asmfpst.c
Examining data/fontforge-20201107~dfsg/fontforge/asmfpst.h
Examining data/fontforge-20201107~dfsg/fontforge/autohint.c
Examining data/fontforge-20201107~dfsg/fontforge/autohint.h
Examining data/fontforge-20201107~dfsg/fontforge/autosave.c
Examining data/fontforge-20201107~dfsg/fontforge/autosave.h
Examining data/fontforge-20201107~dfsg/fontforge/autotrace.c
Examining data/fontforge-20201107~dfsg/fontforge/autotrace.h
Examining data/fontforge-20201107~dfsg/fontforge/autowidth.c
Examining data/fontforge-20201107~dfsg/fontforge/autowidth.h
Examining data/fontforge-20201107~dfsg/fontforge/autowidth2.c
Examining data/fontforge-20201107~dfsg/fontforge/autowidth2.h
Examining data/fontforge-20201107~dfsg/fontforge/baseviews.h
Examining data/fontforge-20201107~dfsg/fontforge/bezctx_ff.c
Examining data/fontforge-20201107~dfsg/fontforge/bezctx_ff.h
Examining data/fontforge-20201107~dfsg/fontforge/bitmapchar.c
Examining data/fontforge-20201107~dfsg/fontforge/bitmapchar.h
Examining data/fontforge-20201107~dfsg/fontforge/bitmapcontrol.c
Examining data/fontforge-20201107~dfsg/fontforge/bitmapcontrol.h
Examining data/fontforge-20201107~dfsg/fontforge/bvedit.c
Examining data/fontforge-20201107~dfsg/fontforge/bvedit.h
Examining data/fontforge-20201107~dfsg/fontforge/clipnoui.c
Examining data/fontforge-20201107~dfsg/fontforge/clipnoui.h
Examining data/fontforge-20201107~dfsg/fontforge/crctab.c
Examining data/fontforge-20201107~dfsg/fontforge/crctab.h
Examining data/fontforge-20201107~dfsg/fontforge/cvexport.c
Examining data/fontforge-20201107~dfsg/fontforge/cvexport.h
Examining data/fontforge-20201107~dfsg/fontforge/cvimages.c
Examining data/fontforge-20201107~dfsg/fontforge/cvimages.h
Examining data/fontforge-20201107~dfsg/fontforge/cvundoes.c
Examining data/fontforge-20201107~dfsg/fontforge/cvundoes.h
Examining data/fontforge-20201107~dfsg/fontforge/delta.h
Examining data/fontforge-20201107~dfsg/fontforge/dumpbdf.c
Examining data/fontforge-20201107~dfsg/fontforge/dumpbdf.h
Examining data/fontforge-20201107~dfsg/fontforge/dumppfa.c
Examining data/fontforge-20201107~dfsg/fontforge/dumppfa.h
Examining data/fontforge-20201107~dfsg/fontforge/edgelist.h
Examining data/fontforge-20201107~dfsg/fontforge/edgelist2.h
Examining data/fontforge-20201107~dfsg/fontforge/effects.c
Examining data/fontforge-20201107~dfsg/fontforge/effects.h
Examining data/fontforge-20201107~dfsg/fontforge/encoding.c
Examining data/fontforge-20201107~dfsg/fontforge/encoding.h
Examining data/fontforge-20201107~dfsg/fontforge/featurefile.c
Examining data/fontforge-20201107~dfsg/fontforge/featurefile.h
Examining data/fontforge-20201107~dfsg/fontforge/fffreetype.h
Examining data/fontforge-20201107~dfsg/fontforge/ffpython.h
Examining data/fontforge-20201107~dfsg/fontforge/flaglist.c
Examining data/fontforge-20201107~dfsg/fontforge/flaglist.h
Examining data/fontforge-20201107~dfsg/fontforge/fontforge.h
Examining data/fontforge-20201107~dfsg/fontforge/fontforgeui.h
Examining data/fontforge-20201107~dfsg/fontforge/fontforgevw.h
Examining data/fontforge-20201107~dfsg/fontforge/fontviewbase.c
Examining data/fontforge-20201107~dfsg/fontforge/freetype.c
Examining data/fontforge-20201107~dfsg/fontforge/ftdelta.c
Examining data/fontforge-20201107~dfsg/fontforge/fvcomposite.c
Examining data/fontforge-20201107~dfsg/fontforge/fvcomposite.h
Examining data/fontforge-20201107~dfsg/fontforge/fvfonts.c
Examining data/fontforge-20201107~dfsg/fontforge/fvfonts.h
Examining data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c
Examining data/fontforge-20201107~dfsg/fontforge/fvimportbdf.h
Examining data/fontforge-20201107~dfsg/fontforge/fvmetrics.c
Examining data/fontforge-20201107~dfsg/fontforge/fvmetrics.h
Examining data/fontforge-20201107~dfsg/fontforge/glif_name_hash.c
Examining data/fontforge-20201107~dfsg/fontforge/glif_name_hash.h
Examining data/fontforge-20201107~dfsg/fontforge/glyphcomp.c
Examining data/fontforge-20201107~dfsg/fontforge/glyphcomp.h
Examining data/fontforge-20201107~dfsg/fontforge/groups.c
Examining data/fontforge-20201107~dfsg/fontforge/groups.h
Examining data/fontforge-20201107~dfsg/fontforge/ikarus.c
Examining data/fontforge-20201107~dfsg/fontforge/ikarus.h
Examining data/fontforge-20201107~dfsg/fontforge/langfreq.c
Examining data/fontforge-20201107~dfsg/fontforge/langfreq.h
Examining data/fontforge-20201107~dfsg/fontforge/lookups.c
Examining data/fontforge-20201107~dfsg/fontforge/lookups.h
Examining data/fontforge-20201107~dfsg/fontforge/macbinary.c
Examining data/fontforge-20201107~dfsg/fontforge/macbinary.h
Examining data/fontforge-20201107~dfsg/fontforge/macenc.c
Examining data/fontforge-20201107~dfsg/fontforge/macenc.h
Examining data/fontforge-20201107~dfsg/fontforge/mathconstants.c
Examining data/fontforge-20201107~dfsg/fontforge/mathconstants.h
Examining data/fontforge-20201107~dfsg/fontforge/mem.c
Examining data/fontforge-20201107~dfsg/fontforge/mem.h
Examining data/fontforge-20201107~dfsg/fontforge/mm.c
Examining data/fontforge-20201107~dfsg/fontforge/mm.h
Examining data/fontforge-20201107~dfsg/fontforge/namehash.h
Examining data/fontforge-20201107~dfsg/fontforge/namelist.c
Examining data/fontforge-20201107~dfsg/fontforge/namelist.h
Examining data/fontforge-20201107~dfsg/fontforge/nonlineartrans.c
Examining data/fontforge-20201107~dfsg/fontforge/nonlineartrans.h
Examining data/fontforge-20201107~dfsg/fontforge/noprefs.c
Examining data/fontforge-20201107~dfsg/fontforge/nouiutil.c
Examining data/fontforge-20201107~dfsg/fontforge/nowakowskittfinstr.c
Examining data/fontforge-20201107~dfsg/fontforge/ofl.c
Examining data/fontforge-20201107~dfsg/fontforge/ofl.h
Examining data/fontforge-20201107~dfsg/fontforge/othersubrs.c
Examining data/fontforge-20201107~dfsg/fontforge/othersubrs.h
Examining data/fontforge-20201107~dfsg/fontforge/palmfonts.c
Examining data/fontforge-20201107~dfsg/fontforge/palmfonts.h
Examining data/fontforge-20201107~dfsg/fontforge/parsepdf.c
Examining data/fontforge-20201107~dfsg/fontforge/parsepdf.h
Examining data/fontforge-20201107~dfsg/fontforge/parsepfa.c
Examining data/fontforge-20201107~dfsg/fontforge/parsepfa.h
Examining data/fontforge-20201107~dfsg/fontforge/parsettf.c
Examining data/fontforge-20201107~dfsg/fontforge/parsettf.h
Examining data/fontforge-20201107~dfsg/fontforge/parsettfatt.c
Examining data/fontforge-20201107~dfsg/fontforge/parsettfatt.h
Examining data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c
Examining data/fontforge-20201107~dfsg/fontforge/parsettfbmf.h
Examining data/fontforge-20201107~dfsg/fontforge/parsettfvar.c
Examining data/fontforge-20201107~dfsg/fontforge/parsettfvar.h
Examining data/fontforge-20201107~dfsg/fontforge/print.c
Examining data/fontforge-20201107~dfsg/fontforge/print.h
Examining data/fontforge-20201107~dfsg/fontforge/psfont.h
Examining data/fontforge-20201107~dfsg/fontforge/psread.c
Examining data/fontforge-20201107~dfsg/fontforge/psread.h
Examining data/fontforge-20201107~dfsg/fontforge/pua.c
Examining data/fontforge-20201107~dfsg/fontforge/pua.h
Examining data/fontforge-20201107~dfsg/fontforge/python.c
Examining data/fontforge-20201107~dfsg/fontforge/savefont.c
Examining data/fontforge-20201107~dfsg/fontforge/savefont.h
Examining data/fontforge-20201107~dfsg/fontforge/scriptfuncs.h
Examining data/fontforge-20201107~dfsg/fontforge/scripting.c
Examining data/fontforge-20201107~dfsg/fontforge/scripting.h
Examining data/fontforge-20201107~dfsg/fontforge/scstyles.c
Examining data/fontforge-20201107~dfsg/fontforge/scstyles.h
Examining data/fontforge-20201107~dfsg/fontforge/sd.h
Examining data/fontforge-20201107~dfsg/fontforge/search.c
Examining data/fontforge-20201107~dfsg/fontforge/search.h
Examining data/fontforge-20201107~dfsg/fontforge/sfd.c
Examining data/fontforge-20201107~dfsg/fontforge/sfd.h
Examining data/fontforge-20201107~dfsg/fontforge/sfd1.c
Examining data/fontforge-20201107~dfsg/fontforge/sfd1.h
Examining data/fontforge-20201107~dfsg/fontforge/sflayout.c
Examining data/fontforge-20201107~dfsg/fontforge/sflayoutP.h
Examining data/fontforge-20201107~dfsg/fontforge/spiro.c
Examining data/fontforge-20201107~dfsg/fontforge/spiro.h
Examining data/fontforge-20201107~dfsg/fontforge/splinechar.c
Examining data/fontforge-20201107~dfsg/fontforge/splinefill.c
Examining data/fontforge-20201107~dfsg/fontforge/splinefill.h
Examining data/fontforge-20201107~dfsg/fontforge/splinefit.c
Examining data/fontforge-20201107~dfsg/fontforge/splinefit.h
Examining data/fontforge-20201107~dfsg/fontforge/splinefont.c
Examining data/fontforge-20201107~dfsg/fontforge/splinefont.h
Examining data/fontforge-20201107~dfsg/fontforge/splineorder2.c
Examining data/fontforge-20201107~dfsg/fontforge/splineorder2.h
Examining data/fontforge-20201107~dfsg/fontforge/splineoverlap.c
Examining data/fontforge-20201107~dfsg/fontforge/splineoverlap.h
Examining data/fontforge-20201107~dfsg/fontforge/splinerefigure.c
Examining data/fontforge-20201107~dfsg/fontforge/splinerefigure.h
Examining data/fontforge-20201107~dfsg/fontforge/splinesave.c
Examining data/fontforge-20201107~dfsg/fontforge/splinesave.h
Examining data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c
Examining data/fontforge-20201107~dfsg/fontforge/splinesaveafm.h
Examining data/fontforge-20201107~dfsg/fontforge/splinestroke.c
Examining data/fontforge-20201107~dfsg/fontforge/splinestroke.h
Examining data/fontforge-20201107~dfsg/fontforge/splineutil.c
Examining data/fontforge-20201107~dfsg/fontforge/splineutil.h
Examining data/fontforge-20201107~dfsg/fontforge/splineutil2.c
Examining data/fontforge-20201107~dfsg/fontforge/splineutil2.h
Examining data/fontforge-20201107~dfsg/fontforge/start.c
Examining data/fontforge-20201107~dfsg/fontforge/start.h
Examining data/fontforge-20201107~dfsg/fontforge/stemdb.c
Examining data/fontforge-20201107~dfsg/fontforge/stemdb.h
Examining data/fontforge-20201107~dfsg/fontforge/svg.c
Examining data/fontforge-20201107~dfsg/fontforge/svg.h
Examining data/fontforge-20201107~dfsg/fontforge/tottf.c
Examining data/fontforge-20201107~dfsg/fontforge/tottf.h
Examining data/fontforge-20201107~dfsg/fontforge/tottfaat.c
Examining data/fontforge-20201107~dfsg/fontforge/tottfaat.h
Examining data/fontforge-20201107~dfsg/fontforge/tottfgpos.c
Examining data/fontforge-20201107~dfsg/fontforge/tottfgpos.h
Examining data/fontforge-20201107~dfsg/fontforge/tottfvar.c
Examining data/fontforge-20201107~dfsg/fontforge/tottfvar.h
Examining data/fontforge-20201107~dfsg/fontforge/ttf.h
Examining data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c
Examining data/fontforge-20201107~dfsg/fontforge/ttfinstrs.h
Examining data/fontforge-20201107~dfsg/fontforge/ttfspecial.c
Examining data/fontforge-20201107~dfsg/fontforge/ttfspecial.h
Examining data/fontforge-20201107~dfsg/fontforge/ufo.c
Examining data/fontforge-20201107~dfsg/fontforge/uiinterface.h
Examining data/fontforge-20201107~dfsg/fontforge/unicoderange.c
Examining data/fontforge-20201107~dfsg/fontforge/unicoderange.h
Examining data/fontforge-20201107~dfsg/fontforge/utanvec.c
Examining data/fontforge-20201107~dfsg/fontforge/utanvec.h
Examining data/fontforge-20201107~dfsg/fontforge/views.h
Examining data/fontforge-20201107~dfsg/fontforge/winfonts.c
Examining data/fontforge-20201107~dfsg/fontforge/winfonts.h
Examining data/fontforge-20201107~dfsg/fontforge/woff.c
Examining data/fontforge-20201107~dfsg/fontforge/woff.h
Examining data/fontforge-20201107~dfsg/fontforge/woff2.cc
Examining data/fontforge-20201107~dfsg/fontforge/zapfnomen.c
Examining data/fontforge-20201107~dfsg/fontforge/zapfnomen.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/alignment.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/charview.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/charview_private.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/clipui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/combinations.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cursors.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvaddpoints.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvdgloss.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvfreehand.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvgridfit.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvhand.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvpointer.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvruler.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvshapes.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/cvtranstools.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/fontview.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/freetypeui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/gotodlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/histograms.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/images.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/layer2layer.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/macencui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/main.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/math.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/prefs.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/problems.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/pythonui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/scriptingdlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/searchview.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/sftextfieldP.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/sfundo.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/showatt.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/splashimage.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/startnoui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/startui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/transform.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/usermenu.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/usermenu.h
Examining data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c
Examining data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.h
Examining data/fontforge-20201107~dfsg/gdraw/choosericons.c
Examining data/fontforge-20201107~dfsg/gdraw/colorP.h
Examining data/fontforge-20201107~dfsg/gdraw/ctlvalues.c
Examining data/fontforge-20201107~dfsg/gdraw/div_tables.c
Examining data/fontforge-20201107~dfsg/gdraw/drawboxborder.c
Examining data/fontforge-20201107~dfsg/gdraw/fontP.h
Examining data/fontforge-20201107~dfsg/gdraw/gaskdlg.c
Examining data/fontforge-20201107~dfsg/gdraw/gbuttons.c
Examining data/fontforge-20201107~dfsg/gdraw/gchardlg.c
Examining data/fontforge-20201107~dfsg/gdraw/gcolor.c
Examining data/fontforge-20201107~dfsg/gdraw/gcontainer.c
Examining data/fontforge-20201107~dfsg/gdraw/gdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawP.h
Examining data/fontforge-20201107~dfsg/gdraw/gdrawable.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawbuildchars.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawerror.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawgimage.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawtxt.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawtxtinit.c
Examining data/fontforge-20201107~dfsg/gdraw/gdrawwacomdriver.c
Examining data/fontforge-20201107~dfsg/gdraw/genkeysym.c
Examining data/fontforge-20201107~dfsg/gdraw/gfilechooser.c
Examining data/fontforge-20201107~dfsg/gdraw/gfiledlg.c
Examining data/fontforge-20201107~dfsg/gdraw/ggadgetP.h
Examining data/fontforge-20201107~dfsg/gdraw/ggadgets.c
Examining data/fontforge-20201107~dfsg/gdraw/ggdkcdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/ggdkdrawP.h
Examining data/fontforge-20201107~dfsg/gdraw/ggdkdrawlogger.c
Examining data/fontforge-20201107~dfsg/gdraw/ggroupbox.c
Examining data/fontforge-20201107~dfsg/gdraw/ghvbox.c
Examining data/fontforge-20201107~dfsg/gdraw/gimageclut.c
Examining data/fontforge-20201107~dfsg/gdraw/gimagecvt.c
Examining data/fontforge-20201107~dfsg/gdraw/gimagexdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/gkeysym.c
Examining data/fontforge-20201107~dfsg/gdraw/glist.c
Examining data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c
Examining data/fontforge-20201107~dfsg/gdraw/gmenu.c
Examining data/fontforge-20201107~dfsg/gdraw/gprogress.c
Examining data/fontforge-20201107~dfsg/gdraw/gradio.c
Examining data/fontforge-20201107~dfsg/gdraw/gresedit.c
Examining data/fontforge-20201107~dfsg/gdraw/gresource.c
Examining data/fontforge-20201107~dfsg/gdraw/gresourceP.h
Examining data/fontforge-20201107~dfsg/gdraw/gresourceimage.c
Examining data/fontforge-20201107~dfsg/gdraw/growcol.c
Examining data/fontforge-20201107~dfsg/gdraw/gsavefiledlg.c
Examining data/fontforge-20201107~dfsg/gdraw/gscrollbar.c
Examining data/fontforge-20201107~dfsg/gdraw/gspacer.c
Examining data/fontforge-20201107~dfsg/gdraw/gtabset.c
Examining data/fontforge-20201107~dfsg/gdraw/gtextfield.c
Examining data/fontforge-20201107~dfsg/gdraw/gtextinfo.c
Examining data/fontforge-20201107~dfsg/gdraw/gwidgetP.h
Examining data/fontforge-20201107~dfsg/gdraw/gwidgets.c
Examining data/fontforge-20201107~dfsg/gdraw/gxcdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/gxcdrawP.h
Examining data/fontforge-20201107~dfsg/gdraw/gxdraw.c
Examining data/fontforge-20201107~dfsg/gdraw/gxdrawP.h
Examining data/fontforge-20201107~dfsg/gdraw/hotkeys.c
Examining data/fontforge-20201107~dfsg/gdraw/xkeysyms_unicode.c
Examining data/fontforge-20201107~dfsg/gutils/dlist.c
Examining data/fontforge-20201107~dfsg/gutils/fsys.c
Examining data/fontforge-20201107~dfsg/gutils/g_giomime.c
Examining data/fontforge-20201107~dfsg/gutils/gcol.c
Examining data/fontforge-20201107~dfsg/gutils/gimage.c
Examining data/fontforge-20201107~dfsg/gutils/gimagebmpP.h
Examining data/fontforge-20201107~dfsg/gutils/gimageread.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadgif.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadjpeg.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadpng.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadras.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadtiff.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadxbm.c
Examining data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritebmp.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritejpeg.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritepng.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritexbm.c
Examining data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c
Examining data/fontforge-20201107~dfsg/gutils/gio.c
Examining data/fontforge-20201107~dfsg/gutils/giofile.c
Examining data/fontforge-20201107~dfsg/gutils/giofuncP.h
Examining data/fontforge-20201107~dfsg/gutils/giotrans.c
Examining data/fontforge-20201107~dfsg/gutils/gutils.c
Examining data/fontforge-20201107~dfsg/gutils/gwwintl.c
Examining data/fontforge-20201107~dfsg/gutils/prefs.c
Examining data/fontforge-20201107~dfsg/gutils/unicodelibinfo.c
Examining data/fontforge-20201107~dfsg/inc/basics.h
Examining data/fontforge-20201107~dfsg/inc/carbon.h
Examining data/fontforge-20201107~dfsg/inc/chardata.h
Examining data/fontforge-20201107~dfsg/inc/charset.h
Examining data/fontforge-20201107~dfsg/inc/dlist.h
Examining data/fontforge-20201107~dfsg/inc/ffgdk.h
Examining data/fontforge-20201107~dfsg/inc/ffglib.h
Examining data/fontforge-20201107~dfsg/inc/gdraw.h
Examining data/fontforge-20201107~dfsg/inc/gfile.h
Examining data/fontforge-20201107~dfsg/inc/ggadget.h
Examining data/fontforge-20201107~dfsg/inc/gicons.h
Examining data/fontforge-20201107~dfsg/inc/gimage.h
Examining data/fontforge-20201107~dfsg/inc/gio.h
Examining data/fontforge-20201107~dfsg/inc/gkeysym.h
Examining data/fontforge-20201107~dfsg/inc/gprogress.h
Examining data/fontforge-20201107~dfsg/inc/gresedit.h
Examining data/fontforge-20201107~dfsg/inc/gresource.h
Examining data/fontforge-20201107~dfsg/inc/gutils.h
Examining data/fontforge-20201107~dfsg/inc/gwidget.h
Examining data/fontforge-20201107~dfsg/inc/gwwiconv.h
Examining data/fontforge-20201107~dfsg/inc/hotkeys.h
Examining data/fontforge-20201107~dfsg/inc/intl.h
Examining data/fontforge-20201107~dfsg/inc/prefs.h
Examining data/fontforge-20201107~dfsg/inc/unicodelibinfo.h
Examining data/fontforge-20201107~dfsg/inc/ustring.h
Examining data/fontforge-20201107~dfsg/inc/utype.h
Examining data/fontforge-20201107~dfsg/po/toengb.c
Examining data/fontforge-20201107~dfsg/pyhook/fontforgepyhook.c
Examining data/fontforge-20201107~dfsg/pyhook/psMatpyhook.c
Examining data/fontforge-20201107~dfsg/tests/link_test.c
Examining data/fontforge-20201107~dfsg/tests/randomtest.c
Examining data/fontforge-20201107~dfsg/tests/systestdriver.c
FINAL RESULTS:
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1213:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(buffer,statb.st_mode|S_IXUSR|S_IXGRP|S_IXOTH); /* Set the execute bits (in case it's windows) */
data/fontforge-20201107~dfsg/Unicode/dump.c:131:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, alphabets[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:140:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,alphabets[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:154:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:172:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:358:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, adobecjk[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:363:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,adobecjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:387:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:404:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:422:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, adobecjk[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:427:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,adobecjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:451:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:471:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:557:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, adobecjk[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:565:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,adobecjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:606:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:617:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:690:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, cjk[j] );
data/fontforge-20201107~dfsg/Unicode/dump.c:698:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,cjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:719:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:730:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:809:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, adobecjk[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:815:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,adobecjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:846:8: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:865:8: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:880:8: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:894:8: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:1026:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, adobecjk[j]);
data/fontforge-20201107~dfsg/Unicode/dump.c:1031:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,adobecjk[j],buffer );
data/fontforge-20201107~dfsg/Unicode/dump.c:1055:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:1069:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/dump.c:1136:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( output, GeneratedFileMessage );
data/fontforge-20201107~dfsg/Unicode/dump.c:1153:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( output, GeneratedFileMessage );
data/fontforge-20201107~dfsg/Unicode/dump.c:1187:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "alphabet.c" );
data/fontforge-20201107~dfsg/Unicode/dump.c:1191:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "chardata.h" );
data/fontforge-20201107~dfsg/Unicode/dump.c:1196:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( output, GeneratedFileMessage );
data/fontforge-20201107~dfsg/Unicode/dump.c:1197:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( header, GeneratedFileMessage );
data/fontforge-20201107~dfsg/Unicode/dump.c:1213:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "cjk.c" );
data/fontforge-20201107~dfsg/Unicode/dump.c:1227:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "backtrns.c" );
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:368:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bpt,names[i].name);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:437:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcTooMany, "ligatures", "ligature", lgm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:441:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcConfuse, "ligature", lgm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:453:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcTooMany, "fractions", "vulgfrac", vfm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:457:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcConfuse, "vulgfrac", vfm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:470:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcTooMany, "fractions", "fraction", frm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:474:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LgFrcConfuse, "fraction", frm, (unsigned)index );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:509:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile,"UnicodeData.txt" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:514:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,"UnicodeData.txt",buffer );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:651:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf2, oldname);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:660:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, "LineBreak.txt" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:666:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,"LineBreak.txt",buffer );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:715:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, "PropList.txt" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:722:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,"PropList.txt",buffer );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:769:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, "NamesList.txt" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:776:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,"NamesList.txt",buffer );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:817:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantReadFile, corp ); /* Not essential */
data/fontforge-20201107~dfsg/Unicode/makeutype.c:822:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, LineLengthBg,corp,buffer );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:845:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, NoMoreMemory );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:850:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(names[index],prefix); strcat(names[index],buf2);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:850:35: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(names[index],prefix); strcat(names[index],buf2);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:862:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,base);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:863:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name,suffix);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:916:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "ArabicForms.c" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:924:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, GeneratedFileMessage, UnicodeMajor, UnicodeMinor );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1083:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (j==0) ? "\n 0x%02x" : ", 0x%02x", k );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1109:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (j==0) ? "\n 0x" : ", 0x" ); ++j;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1110:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (tds<254) ? "%02x" : "%04x", cs );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1118:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (j==0) ? "\n 0x" : ", 0x" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1119:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (tds<254) ? "%02x" : "%04x", cs );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1142:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (j==0) ? "\n 0x" : ", 0x" ); ++j;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1143:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (tdl<254) ? "%02x" : "%04x", cl );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1151:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (j==0) ? "\n 0x" : ", 0x" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1152:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, (til<254) ? "%02x" : "%04x", cl );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1201:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "is_Ligature_data.h" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1213:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, GeneratedFileMessage, UnicodeMajor, UnicodeMinor );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1241:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, CantSaveFile, "(utype.[ch])" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1254:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( header, GeneratedFileMessage, UnicodeMajor, UnicodeMinor );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1400:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( data, GeneratedFileMessage, UnicodeMajor, UnicodeMinor );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1578:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, CantSaveFile, "unialt.c" );
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1584:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file, GeneratedFileMessage, UnicodeMajor, UnicodeMinor );
data/fontforge-20201107~dfsg/Unicode/memory.c:77:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(NULL, 0, fmt, args2);
data/fontforge-20201107~dfsg/Unicode/memory.c:91:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(ret, len + 1, fmt, args);
data/fontforge-20201107~dfsg/Unicode/ustring.c:1091:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( output, remains );
data/fontforge-20201107~dfsg/Unicode/ustring.c:1096:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( output, replacement );
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:31:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,NEW);
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:34:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,NEW);
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:36:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,OLD);
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:38:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,NEW);
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:42:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,pt+strlen(OLD));
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:470:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dirname);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:472:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,ent->d_name);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:498:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dir);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:500:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,pattern);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:711:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(otherdir,filename);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:855:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,outline.fontname);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:178:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname,start);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:179:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname+(ext-start),iscff ? ".otf" : ".ttf" );
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1004:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(family,hdr->fontname);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1020:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( unique, "pcl2ttf: %s", hdr->fontname );
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:251:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rdtok,temptok);
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:449:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%s.decrypt", pt);
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:59:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,name);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:650:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( id==0?"Copyright\n":id==1?"Family\n":id==2?"Subfamily\n":id==3?
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2518:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( m2b ? "\t Mark To Base Sub Table[%d]\n" : "\t Mark To Mark Sub Table[%d]\n", which );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:3058:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( lval==0 ? "Alphabetic\n" :
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:78:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfile,filename);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:1092:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s.eps", name);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:191:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname,start);
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:483:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,classglyphs[i]->name);
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:523:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,glyphs[i]->name);
data/fontforge-20201107~dfsg/fontforge/autosave.c:59:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/autosave", dir);
data/fontforge-20201107~dfsg/fontforge/autosave.c:61:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(buffer,F_OK)==-1 )
data/fontforge-20201107~dfsg/fontforge/autosave.c:80:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s/auto%06x-%d.asfd", autosavedir, getpid(), ++cnt );
data/fontforge-20201107~dfsg/fontforge/autosave.c:81:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(buffer,F_OK)==-1 ) {
data/fontforge-20201107~dfsg/fontforge/autosave.c:109:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/%s",recoverdir,entry->d_name);
data/fontforge-20201107~dfsg/fontforge/autosave.c:144:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/%s",recoverdir,entry->d_name);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:204:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dir);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:209:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,P_tmpdir);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:227:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,P_tmpdir);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:276:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempname_in, _tempnam(NULL, "FontForge_in_"));
data/fontforge-20201107~dfsg/fontforge/autotrace.c:277:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempname_out, _tempnam(NULL, "FontForge_out_"));
data/fontforge-20201107~dfsg/fontforge/autotrace.c:308:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(command);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:425:11: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
exit(execvp(prog,(char * const *)arglist)==-1); /* If exec fails, then die */
data/fontforge-20201107~dfsg/fontforge/autotrace.c:502:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rpt,args[j]);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:620:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,prog);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:623:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(buffer,X_OK)!=-1 ) {
data/fontforge-20201107~dfsg/fontforge/autotrace.c:692:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,tempdir);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:694:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,ent->d_name);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:713:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,tempdir);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:719:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eod,ent->d_name);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:790:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arglist[1],mf_args);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:792:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(arglist[1],filename);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:807:7: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
exit(execvp(arglist[0],arglist)==-1); /* If exec fails, then die */
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1234:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pt,sclist[i]->name);
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:992:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str,leftglyphs[j]->name);
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:1027:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str,rightglyphs[j]->name);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:324:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer , EncodingName(map->enc) );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:345:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt+1, "%s-%s", reg, enc);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:367:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2,bpt);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:369:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer2,sf->familyname);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:371:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer2,pt);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:406:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(enc, pt );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:420:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( reg, EncodingName(map->enc) );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:425:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( enc, pt+1 );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:486:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(family_name,fontname);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:489:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(weight_name,bold);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:493:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(weight_name,sfweight);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:496:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stylename,style);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:501:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(squeeze,compress);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:508:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(family_name,sffamily);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:510:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,pt+1);
data/fontforge-20201107~dfsg/fontforge/cvexport.c:725:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( unicode,ch=='u' ? "%04x" : "%04X", sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforge/cvimages.c:1106:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (start, "%s/%s", dirname, entry->d_name);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:1285:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"(%g%s%g)", (double) sp->me.x, coord_sep, (double) sp->me.y );
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2887:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(space, format, otl->lookup_name );
data/fontforge-20201107~dfsg/fontforge/dumpbdf.c:280:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( file, font->clut!=NULL ? "STARTFONT 2.3\n" :
data/fontforge-20201107~dfsg/fontforge/dumpbdf.c:436:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s-%s.%d.bdf", font->sf->fontname, encodingname, font->pixelsize );
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:247:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf( buffer, format, args);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2718:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s-%d.pt3", sf->fontname, font->pixelsize );
data/fontforge-20201107~dfsg/fontforge/encoding.c:213:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(from,escape_sequence);
data/fontforge-20201107~dfsg/fontforge/encoding.c:238:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(enc->iso_2022_escape, escape_sequence);
data/fontforge-20201107~dfsg/fontforge/encoding.c:510:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/Encodings.ps", ffdir);
data/fontforge-20201107~dfsg/fontforge/encoding.c:904:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,temp);
data/fontforge-20201107~dfsg/fontforge/encoding.c:995:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,dir);
data/fontforge-20201107~dfsg/fontforge/encoding.c:997:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret,ent->d_name);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1002:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(maybe,ent->d_name);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1008:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,dir);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1010:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret,maybe);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1086:15: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
} else if ( fscanf(f," /%s", name )==1 )
data/fontforge-20201107~dfsg/fontforge/featurefile.c:807:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(start+len,r->u.coverage.ncovers[n]);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:992:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( out, r->lookup_cnt==0 ? " ignore pos " : " pos " );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:994:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( out, !r->u.rcoverage.replacements
data/fontforge-20201107~dfsg/fontforge/featurefile.c:998:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( out, r->lookup_cnt==0 ? " ignore sub " : " sub " );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1930:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( namebuf, "%s_%s_%s%s_%d", isgpos ? "pos" : "sub",
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2082:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cpt,names[i]);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2786:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,sames->glyphs);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2840:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(glyphs+cnt,contents);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2987:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_glyph,tok->tokbuf); last_val = -1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3037:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( last_glyph, "%.*s%c%s", (int) (start2-tok->tokbuf),
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3051:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( last_glyph, "%.*s%02d%s", (int) (start2-tok->tokbuf),
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3054:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( last_glyph, "%.*s%03d%s", (int) (start2-tok->tokbuf),
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4053:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(next,temp->name);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4085:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,g->name_or_class);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4398:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mult+len,g->name_or_class);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4449:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,sames->glyphs);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:6355:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(acs[i]->name,"%s_%d", classes[i]->name+1, classes[i]->name_used);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:7145:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(namebuf,"%s-%d", otl->lookup_name, cnt++ );
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1693:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,old->filename);
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1696:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,compressors[old->compression-1].ext);
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1715:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,old->filename);
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1716:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,compressors[old->compression-1].ext);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1827:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uc_accent,rsc->name);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1844:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%.70s.%s", StdGlyphName(buffer,acc,ui_none,(NameList *) -1), suffixes[i]);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1848:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"uni%04X.%s", acc, suffixes[i]);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1863:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%.70s.%s", StdGlyphName(buffer,acc,ui_none,(NameList *) -1), suffixes[i]);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:587:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(family,buf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:676:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mods,"%s%s", weight, italic );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:867:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,family);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1074:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,family);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1497:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(family,props[i].value);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1501:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,props[i].value);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1557:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mods,"%s%s", weight, italic );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1560:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(full,"%s-%s", family, mods );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1562:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,family);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1950:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(n,family); strcat(n," "); strcat(n,mods);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1950:38: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(n,family); strcat(n," "); strcat(n,mods);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2205:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s %s", compressors[i].decomp, filename );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2206:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(buf)==0 )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2213:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,dir);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2215:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,GFileNameTail(filename));
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2217:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s -c %s > %s", compressors[i].decomp, filename, temp );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2218:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(buf)==0 )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2232:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s %s", compressors[i].recomp, filename );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2233:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buf);
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:964:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” differs\n"), sc->name );
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:969:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(fd->diffs,format,ap);
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:971:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(fd->held,sizeof(fd->held),format,ap);
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1215:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” missing from %s\n"), sc->name, fd->name2 );
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1230:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” missing from %s\n"), sc->name, fd->name1 );
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1289:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” missing from %s at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1312:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” missing from %s at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1343:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” differs at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1349:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd->diffs,U_("Glyph “%s” has advance width %d in %s but %d in %s at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1355:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd->diffs,U_("Glyph “%s” has vertical advance width %d in %s but %d in %s at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1361:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd->diffs,U_("Glyph “%s” has a different bitmap at %d@%d\n"),
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:2008:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( fd->diffs, U_("Glyph “%s” differs\n"), sc->name );
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:2015:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(fd->diffs,format,ap);
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:2017:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(fd->held,sizeof(fd->held),format,ap);
data/fontforge-20201107~dfsg/fontforge/groups.c:90:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/groups", userConfigDir);
data/fontforge-20201107~dfsg/fontforge/ikarus.c:549:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,fnam);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2072:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,freq[cur].utf8_letter);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2192:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,ScriptRandomChar(chrs));
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2212:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,RandomWord(lf,sf));
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2214:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,ScriptRandomWord(chrs));
data/fontforge-20201107~dfsg/fontforge/lookups.c:1609:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( ubuf, setname );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1678:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( userfriendly, "%s '%c%c%c%c'", lookuptype,
data/fontforge-20201107~dfsg/fontforge/lookups.c:1735:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( otl->lookup_name, format, userfriendly, script, otl->lookup_index );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1739:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( otl->lookup_name, format, userfriendly, otl->lookup_index );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1770:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( subtable->subtable_name, format, otl->lookup_name, cnt );
data/fontforge-20201107~dfsg/fontforge/lookups.c:3892:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new+(start-base)+rlen,pt);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4347:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len,names[i]);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4926:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newr,parsed[cnt].replacements);
data/fontforge-20201107~dfsg/fontforge/lookups.c:5070:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rule->u.glyph.back,parsed[i].entity);
data/fontforge-20201107~dfsg/fontforge/lookups.c:5074:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rule->u.glyph.names,parsed[i].entity);
data/fontforge-20201107~dfsg/fontforge/lookups.c:5078:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rule->u.glyph.fore,parsed[i].entity);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1390:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer+1,pt);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1630:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(header.macfilename,filename);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1633:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+1,buffer);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1736:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(binfilename,filename);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1748:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dpt,is_dfont?".bmap.dfont":__Mac?".bmap":".bmap.bin");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1819:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempname,filename);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1822:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+1,buffer);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1825:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tf,filename);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2402:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,strings[ 0 ]+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2406:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,strings[ strings[format][k+1]-1 ]+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2937:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(respath,tempfn);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2941:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(respath,tempfn);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3143:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,filename);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3148:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(spt,pt);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3168:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dpt,exten);
data/fontforge-20201107~dfsg/fontforge/mm.c:104:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,mm->normal->familyname);
data/fontforge-20201107~dfsg/fontforge/mm.c:107:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hyphen+1,styles);
data/fontforge-20201107~dfsg/fontforge/mm.c:115:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,mm->normal->familyname);
data/fontforge-20201107~dfsg/fontforge/mm.c:120:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, " %d%s", (int) rint(MMAxisUnmap(mm,i,normalized[i])),
data/fontforge-20201107~dfsg/fontforge/mm.c:123:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, " %.1f%s", (double) MMAxisUnmap(mm,i,normalized[i]),
data/fontforge-20201107~dfsg/fontforge/mm.c:238:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,hold[j]);
data/fontforge-20201107~dfsg/fontforge/namelist.c:437:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,refs[i]->name);
data/fontforge-20201107~dfsg/fontforge/namelist.c:714:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s/%s", dir, ent->d_name );
data/fontforge-20201107~dfsg/fontforge/namelist.c:761:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(space,sc->name);
data/fontforge-20201107~dfsg/fontforge/namelist.c:882:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last,bits[i].rpl->name);
data/fontforge-20201107~dfsg/fontforge/namelist.c:886:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last,last_orig);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:448:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/prefs", getFontForgeUserDir(Config));
data/fontforge-20201107~dfsg/fontforge/noprefs.c:578:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,enc);
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:43:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),format,ap);
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:54:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),format,ap);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:88:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sf->fontname,family);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:91:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sf->fontname,style);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:402:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn,filename);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1702:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, nname);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1711:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, suffix);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2195:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rdtok,temptok);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1512:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str+1,old);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4531:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d (%s) %d %s %s %s",
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5197:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(info->xuid,"[%s %d]", xuid, (rand()&0xffffff));
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:86:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret[class[i]]+lens[class[i]], info->chars[i]->name );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:130:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ret+len, info->chars[i]->name );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:195:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,info->chars[glyphs[i]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:1918:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str,"%s.%s", basename, pt );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2058:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pt,info->chars[glyph2s[j]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2176:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str,info->chars[lig_glyphs[k]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2181:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,tag);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2204:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,info->chars[lig_glyphs[k]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3063:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( info->mark_class_names[i], format_spec, i );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3082:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( info->mark_set_names[i], format_spec, i );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3330:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( name, format, parent->lookup_name, nest_index );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3752:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(comp,sm->info->chars[sm->lig_comp_glyphs[j]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3878:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(comp,sm->info->chars[sm->lig_comp_glyphs[j]]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4234:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classes[st->classes2[i]],info->chars[i]->name );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4239:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classes[st->classes2[info->badgids[i]->orig_pos]],info->badgids[i]->name );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4244:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classes[st->classes[i-st->first_glyph]],info->chars[i]->name );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4277:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str+len,info->chars[glyph]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5364:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+len,sc->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5968:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer,sizeof(buffer),format,otl->lookup_name,cnt );
data/fontforge-20201107~dfsg/fontforge/print.c:450:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%s_ly%d_%s_%s", sc->name, layer,
data/fontforge-20201107~dfsg/fontforge/print.c:456:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%s_trans_%g,%g,%g,%g,%g,%g_ly%d_%s_%s", sc->name,
data/fontforge-20201107~dfsg/fontforge/print.c:656:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s_ly%d_%d_image", sc->name, layer, icnt );
data/fontforge-20201107~dfsg/fontforge/print.c:1446:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfbit->psfontname,"%s__%d", sfbit->sf->fontname, pi->pointsize );
data/fontforge-20201107~dfsg/fontforge/print.c:1672:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sfbit->psfontname,"%s-%x__%d", sfbit->sf->fontname, pi->lastbase,
data/fontforge-20201107~dfsg/fontforge/print.c:2912:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/fontforge-20201107~dfsg/fontforge/print.c:2915:6: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/fontforge-20201107~dfsg/fontforge/print.c:3091:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"pr-%.90s.%s", pi.mainsf->fontname,
data/fontforge-20201107~dfsg/fontforge/psread.c:294:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( io->fogbuf, "%d %s ", ch-233+17, io->fogns
data/fontforge-20201107~dfsg/fontforge/psread.c:865:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( dict->entries[i].type==ps_lit ? "/" :
data/fontforge-20201107~dfsg/fontforge/psread.c:868:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( dict->entries[i].type==ps_lit ? "" :
data/fontforge-20201107~dfsg/fontforge/psread.c:2703:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( stack[sp].type==ps_lit ? "/" :
data/fontforge-20201107~dfsg/fontforge/psread.c:2707:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( stack[sp].type==ps_lit ? "" :
data/fontforge-20201107~dfsg/fontforge/psread.c:2777:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( stack[sp-1].u.str, "%s", stack[sp-2].u.tf ? "true" : "false" );
data/fontforge-20201107~dfsg/fontforge/psread.c:2780:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( stack[sp-1].u.str, "%s", stack[sp-2].u.str );
data/fontforge-20201107~dfsg/fontforge/python.c:1964:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s(%g,%g,%s)", Py_TYPE(self)->tp_name, (double)self->x, (double)self->y,
data/fontforge-20201107~dfsg/fontforge/python.c:1972:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"<FFPoint (%g,%g) %s>", (double)self->x, (double)self->y, self->on_curve?"on":"off" );
data/fontforge-20201107~dfsg/fontforge/python.c:2219:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, self->is_quadratic? "<Contour(quadratic)\n":"<Contour(cubic)\n");
data/fontforge-20201107~dfsg/fontforge/python.c:2222:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, " (%g,%g) %s\n", (double)self->points[i]->x, (double)self->points[i]->y,
data/fontforge-20201107~dfsg/fontforge/python.c:3869:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, self->is_quadratic? "<Layer(quadratic)\n":"<Layer(cubic)\n");
data/fontforge-20201107~dfsg/fontforge/python.c:3876:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, " (%g,%g) %s\n", (double)contour->points[j]->x, (double)contour->points[j]->y,
data/fontforge-20201107~dfsg/fontforge/python.c:6483:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
at = sprintf(repr, "<%s at 0x%p sc=0x%p",
data/fontforge-20201107~dfsg/fontforge/python.c:6486:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
at = sprintf(repr, "<%s at 0x%p", Py_TYPENAME(self), self);
data/fontforge-20201107~dfsg/fontforge/python.c:6499:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
at += sprintf( &repr[at], " \"%s\">", self->sc->name);
data/fontforge-20201107~dfsg/fontforge/python.c:7595:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,g->sc->name);
data/fontforge-20201107~dfsg/fontforge/python.c:8457:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(locfilename,R_OK)!=0 ) {
data/fontforge-20201107~dfsg/fontforge/python.c:8754:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,str);
data/fontforge-20201107~dfsg/fontforge/python.c:16380:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(locfilename,fn);
data/fontforge-20201107~dfsg/fontforge/savefont.c:111:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:139:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:143:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,sf->fontname);
data/fontforge-20201107~dfsg/fontforge/savefont.c:158:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:185:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:248:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:303:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:331:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:377:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:388:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, "-%d%s", bdf->pixelsize, ext );
data/fontforge-20201107~dfsg/fontforge/savefont.c:390:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt, "-%d@%d%s", bdf->pixelsize, BDFDepth(bdf), ext );
data/fontforge-20201107~dfsg/fontforge/savefont.c:470:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(bpt,buffer);
data/fontforge-20201107~dfsg/fontforge/savefont.c:639:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,newname);
data/fontforge-20201107~dfsg/fontforge/savefont.c:649:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename,names[subfont]);
data/fontforge-20201107~dfsg/fontforge/savefont.c:657:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+len,pt+2);
data/fontforge-20201107~dfsg/fontforge/savefont.c:662:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.fullname,sf->fullname);
data/fontforge-20201107~dfsg/fontforge/savefont.c:664:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp.fullname,names[subfont]);
data/fontforge-20201107~dfsg/fontforge/savefont.c:665:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(spt,subtype==ff_pfb ? ".pfb" : ".pfa" );
data/fontforge-20201107~dfsg/fontforge/savefont.c:671:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.xuid,sf->xuid);
data/fontforge-20201107~dfsg/fontforge/savefont.c:676:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+1,buf);
data/fontforge-20201107~dfsg/fontforge/savefont.c:927:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,newname);
data/fontforge-20201107~dfsg/fontforge/savefont.c:928:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,oldbitmapstate==bf_otb ? "otb" : "ttf" );
data/fontforge-20201107~dfsg/fontforge/savefont.c:938:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,newname);
data/fontforge-20201107~dfsg/fontforge/savefont.c:1123:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(freeme,filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:408:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(errbuf,sizeof(errbuf),format,ap);
data/fontforge-20201107~dfsg/fontforge/scripting.c:694:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(c->return_val.u.sval+len,arr->vals[i].u.sval);
data/fontforge-20201107~dfsg/fontforge/scripting.c:695:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(c->return_val.u.sval+len,str2);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1526:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,results[0]); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1532:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,results[j]); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1707:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
c->return_val.u.ival = access(c->a.vals[1].u.sval,c->a.argc==3 ? c->a.vals[2].u.ival : R_OK );
data/fontforge-20201107~dfsg/fontforge/scripting.c:1819:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1824:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9774:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
sub.filename = strcpy(malloc(strlen(c->filename)+strlen(name)+4),c->filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9776:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt+1,name);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9782:22: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
sub.filename = strcpy(malloc(strlen(name)+4),name);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9859:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,c->tok_text);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10048:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s", FONTFORGE_VERSION);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10311:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,val->u.sval);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10312:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret,temp);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10540:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,val->u.lval->u.sval);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10541:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret,temp);
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2069:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,pt);
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2071:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,ext);
data/fontforge-20201107~dfsg/fontforge/search.c:1380:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(namebuf, "%s.ref%d", base->name, index++ );
data/fontforge-20201107~dfsg/fontforge/search.c:1394:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( ret->comment, reason, base->name, morereason );
data/fontforge-20201107~dfsg/fontforge/sfd.c:1506:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( sfd, v ? "VKerns2:" : "Kerns2:" );
data/fontforge-20201107~dfsg/fontforge/sfd.c:1710:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( sfd, v ? "VKerns2:" : "Kerns2:" );
data/fontforge-20201107~dfsg/fontforge/sfd.c:1814:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest,dir);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1816:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest,dir_char);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1852:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest,ext);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2873:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( subfont,"%s/%s" SUBFONT_EXT, dirname, sf->subfonts[i]->fontname );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2876:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fontprops,subfont); strcat(fontprops,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2876:30: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(fontprops,subfont); strcat(fontprops,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2951:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( strike,"%s/%d" STRIKE_EXT, dirname, bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2954:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(strikeprops,strike); strcat(strikeprops,"/" STRIKE_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2954:34: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(strikeprops,strike); strcat(strikeprops,"/" STRIKE_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2967:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(sfd, sf->cidmaster==NULL?"EndSplineFont\n":"EndSubSplineFont\n" );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2980:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( instance,"%s/mm%d" INSTANCE_EXT, dirname, mm_pos );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2983:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fontprops,instance); strcat(fontprops,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2983:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(fontprops,instance); strcat(fontprops,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3108:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%s/%s", filename, ent->d_name );
data/fontforge-20201107~dfsg/fontforge/sfd.c:3144:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer,"%s/%s", filename, ent->d_name );
data/fontforge-20201107~dfsg/fontforge/sfd.c:3149:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( markerfile,"%s/" STRIKE_PROPS, buffer );
data/fontforge-20201107~dfsg/fontforge/sfd.c:3151:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( markerfile,"%s/" FONT_PROPS, buffer );
data/fontforge-20201107~dfsg/fontforge/sfd.c:3172:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempfilename,filename); strcat(tempfilename,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3172:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(tempfilename,filename); strcat(tempfilename,"/" FONT_PROPS);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3279:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2,filename);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3280:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf2,compressors[sf->compression-1].ext);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3281:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,buf2);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3321:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s %s", compressors[sf->compression-1].recomp, filename );
data/fontforge-20201107~dfsg/fontforge/sfd.c:3322:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system( buf )!=0 )
data/fontforge-20201107~dfsg/fontforge/sfd.c:5283:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ret, line+len );
data/fontforge-20201107~dfsg/fontforge/sfd.c:6269:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s/%s", dirname, ent->d_name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7056:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sofar+len,buffer);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7151:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s/%s", dirname, ent->d_name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7174:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s/%s", dirname, ent->d_name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7175:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(props,"%s/" FONT_PROPS, name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7199:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s/%s", dirname, ent->d_name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7200:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(props,"%s/" FONT_PROPS, name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7239:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s/%s", dirname, ent->d_name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7240:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(props,"%s/" STRIKE_PROPS, name);
data/fontforge-20201107~dfsg/fontforge/sfd.c:9077:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tok,sizeof(tok),"%s/" FONT_PROPS, filename );
data/fontforge-20201107~dfsg/fontforge/sfd.c:9140:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tok,sizeof(tok),"%s/" FONT_PROPS,cur_sf->filename);
data/fontforge-20201107~dfsg/fontforge/sfd.c:9214:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tok,sizeof(tok),"%s/%s" GLYPH_EXT,cur_sf->filename,name);
data/fontforge-20201107~dfsg/fontforge/sfd1.c:466:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( lac->ac.name, format, ac->ac.name );
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1299:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( filename, "%s/ff-preview-%s-%d-%d.bmp", dir, sf->fontname, getpid(), ++cnt );
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1301:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( filename, "%s/ff-preview-%s-%d-%d.png", dir, sf->fontname, getpid(), ++cnt );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:833:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( archivedir, "%s/ffarchive-%d-%d", dir, getpid(), ++cnt );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:840:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( listfile, "%s/" TOC_NAME, archivedir );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:846:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( listcommand, "%s %s %s > %s", archivers[i].unarchive,
data/fontforge-20201107~dfsg/fontforge/splinefont.c:848:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(listcommand)!=0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:869:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( unarchivecmd, "( cd %s ; %s %s %s %s ) > /dev/null", archivedir,
data/fontforge-20201107~dfsg/fontforge/splinefont.c:872:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(unarchivecmd)!=0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:880:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( finalfile, "%s/%s", archivedir, desiredfile );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:905:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpfn,dir);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:907:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmpfn,GFileNameTail(name));
data/fontforge-20201107~dfsg/fontforge/splinefont.c:910:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system(buf)==0 )
data/fontforge-20201107~dfsg/fontforge/splinefont.c:922:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( tmpfilename, P_tmpdir "/fontforge%d-%d", getpid(), try++ );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:924:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmpfilename,exten);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:925:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access( tmpfilename, F_OK )==-1 &&
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1031:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,strippedname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1032:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullname,paren);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1067:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fullname,strippedname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1068:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullname,paren);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1108:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,strippedname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1114:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,strippedname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1272:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(norm->origname,fname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1274:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(norm->origname,sf->chosenname);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1359:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tobefreed1,filename);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1362:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ept,extens[i]);
data/fontforge-20201107~dfsg/fontforge/splineoverlap.c:101:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr,format,ap);
data/fontforge-20201107~dfsg/fontforge/splineoverlap.c:113:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr,format,ap);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:155:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf2, "%s %s", name, second);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:190:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, amfm_filename);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:194:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,fontname);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:215:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(afmname+(pt-filename),isupper(pt[1])?".AFM":".afm");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:260:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new,psname);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:266:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,wasuc?".AMFM":".amfm");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:268:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,wasuc?".amfm":".AMFM");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:274:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,wasuc?".AFM":".afm");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:276:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,wasuc?".afm":".AFM");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:321:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(components,sc1->name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:323:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(components,sc2->name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:436:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(components,sf->glyphs[used[i]]->name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1183:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( afm, ismm ? "StartMasterFontMetrics 4.0\n" :
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1375:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,this->base->name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1379:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,cca->accent->name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1754:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(amfm, i==mm->instance_count-1 ? "]" : "] " );
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1763:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(amfm, i==mm->axis_count-1 ? "]" : "] " );
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1950:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lig->u.lig.components,"%s %s",sublig->name,
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2997:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,sf->fontname);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3006:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(header.encoding+1,encname);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3015:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(header.family+1,familyname);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:121:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,str1);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:122:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len1,str2);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:131:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,str1);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:132:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len1,str2);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:133:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len1+len2,str3);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:7943:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)gb->pt, str);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2952:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s.sfd", sf->fontname);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2968:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sf->xuid,"[%s %d]", xuid, (rand()&0xffffff));
data/fontforge-20201107~dfsg/fontforge/svg.c:887:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( file, isv ? " <vkern " : " <hkern " );
data/fontforge-20201107~dfsg/fontforge/svg.c:910:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( file, isv ? " <vkern g1=\"" : " <hkern g1=\"" );
data/fontforge-20201107~dfsg/fontforge/svg.c:3010:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,chars[len]->name);
data/fontforge-20201107~dfsg/fontforge/svg.c:3073:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,temp->name);
data/fontforge-20201107~dfsg/fontforge/svg.c:3393:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sf->xuid,"[%s %d]", xuid, (rand()&0xffffff));
data/fontforge-20201107~dfsg/fontforge/tottf.c:5904:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,fontname);
data/fontforge-20201107~dfsg/fontforge/tottf.c:5978:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "/%s %ld StartData\n", sf->fontname, len );
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:553:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt, ff_ttf_instrnames[iv->instrdata->instrs[i]]);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2007:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str+len,bdf->props[i].u.atom );
data/fontforge-20201107~dfsg/fontforge/ufo.c:86:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, basedir);
data/fontforge-20201107~dfsg/fontforge/ufo.c:89:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname,sub);
data/fontforge-20201107~dfsg/fontforge/ufo.c:193:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(disposable, output); // strtok rewrites the input string, so we make a copy.
data/fontforge-20201107~dfsg/fontforge/ufo.c:1244:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(styleMapFamily, preferredFamilyName);
data/fontforge-20201107~dfsg/fontforge/ufo.c:1246:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(styleMapFamily, preferredSubfamilyName);
data/fontforge-20201107~dfsg/fontforge/ufo.c:3587:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(current_group->glyphs, member_native_current->sc->name);
data/fontforge-20201107~dfsg/fontforge/ufo.c:3906:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,valName);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:286:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,sf->familyname);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:289:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,sf->weight);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:834:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(non_resident_name, "FONTRES 100,%d,%d : %s %d", dpi[0], dpi[1], name, point_size);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:835:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(resident_name, name);
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:306:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer,sizeof(buffer),is_vertical ? _("Vertical Extents for %c%c%c%c") : _("Horizontal Extents for %c%c%c%c"),
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:231:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
GGadgetSetEnabled(GWidgetGetControl(gw,CID_100Lab),system!=CID_Mac);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:232:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
GGadgetSetEnabled(GWidgetGetControl(gw,CID_100),system!=CID_Mac);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:209:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf+strlen(buf), uniname);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:654:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(refinfo,"%s XOff: %d YOff: %d", ref->bdfc->sc->name, ref->xoff, ref->yoff);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:830:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%s%d", bv->info_x, coord_sep, bv->info_y );
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:835:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%s%d", bv->info_x-bv->pressed_x, coord_sep, bv->info_y-bv->pressed_y );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1810:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(components+len,temp);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1844:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(components,next);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1942:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( namebuf, "uni%04X.%s", tolower(sc->unicodeenc), suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1946:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( namebuf, "%c%s.%s", tolower(*sc->name), sc->name+1, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1952:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( namebuf, "uni%04X.%s", toupper(sc->unicodeenc), suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1956:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( namebuf, "%c%s.%s", toupper(*sc->name), sc->name+1, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3749:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lblbuf, "%s%s", lblprefix, inp_l);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4107:29: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
codepoints_as_hex = strcat(codepoints_as_hex, buffer);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2275:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ubuf,ap->type==at_basemark ? _("Base") : _("Mark") );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2281:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ubuf,ap->type==at_centry ? _("Entry") : _("Exit") );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4040:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%s%d", (int) cv->info.x, coord_sep, (int) cv->info.y );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4042:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%.4g%s%.4g", (double) cv->info.x, coord_sep, (double) cv->info.y );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4121:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%s%d", (int) selx, coord_sep, (int) sely );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4123:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%.4g%s%.4g", (double) selx, coord_sep, (double) sely );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4141:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%%%s%d%%", (int) xdiff, coord_sep, (int) ydiff );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4143:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%.3g%%%s%.3g%%", (double) xdiff, coord_sep, (double) ydiff );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4145:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%d%s%d", (int) xdiff, coord_sep, (int) ydiff );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4147:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%.4g%s%.4g", (double) xdiff, coord_sep, (double) ydiff );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:5786:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer,format,(double)val); /* formats are given as for doubles */
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:5802:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer,format,(double)val); /* formats are given as for doubles */
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:8910:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( hd->ret, u_to_c(hd->label.text));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:8911:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( hd->ret, GGadgetGetTitle8(GWidgetGetControl(hd->gw,CID_getValueFromUser)));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12100:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf,sizeof(buf),
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:80:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,sc->name);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:96:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pt,start );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:201:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rpt,rpl);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:234:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt, classnames[cols*classes[i]+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:265:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt, classnames[cols*classes[i]+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:305:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pt," %d <%s>,", r->lookups[i].seq, r->lookups[i].lookup->lookup_name);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:367:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,temp);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:374:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,r->u.glyph.names);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:380:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,r->u.glyph.fore);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:442:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,classes[1][cols*c+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:454:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,classes[0][cols*c+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:467:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,classes[2][cols*c+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1437:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( space, " @<%s> ", otl->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:179:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, " zp0: %s", exc->GS.gep0?"Normal":"Twilight" );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:181:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, " zp1: %s", exc->GS.gep1?"Normal":"Twilight" );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:183:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, " zp2: %s", exc->GS.gep2?"Normal":"Twilight" );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:208:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "AutoFlip: %s", exc->GS.auto_flip?"True": "False" );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:214:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "RndState: %s",
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:233:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "ScanControl: %s", exc->GS.scan_control?"True": "False" );
data/fontforge-20201107~dfsg/fontforgeexe/cvdgloss.c:93:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),format,ap);
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:823:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( bpt, "_%.40s.%s", sc->parent->fontname, ext);
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:826:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%.40s_%.40s.%s", sc->name, sc->parent->fontname, ext);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1910:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buffer, format, (double) v );
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:106:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( buffer, hd->ishstem ? " hstem3" : " vstem3" );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:672:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( text, "*.{%s}", ae );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:674:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( text, "*.%s", ae );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2491:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(namebuf, "%s", sc->parent->layers[i].name);
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2493:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(namebuf,"%s", i==-1 ? _("Guide") : (i==0 ?_("Back") : _("Fore")) );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2605:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (i==1) sprintf( buffer,"%s",basestr );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2606:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
else sprintf( buffer,"%s %d",basestr, i );
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:52:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, _("%s No Slope"), label );
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:54:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s dy/dx= ∞, %4g°", label, atan2(dy,dx)*180/FF_PI);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:56:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buf, "%s dy/dx= %4g, %4g°", label, dy/dx, atan2(dy,dx)*180/FF_PI);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:732:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( buffer, blen, U_("∆Curvature: %g"), (kappa-kappa2)*emsize );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:688:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"pr-%.90s.%s", pi->pi.mainsf->fontname,
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:363:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s-%s-%d", map->registry, map->ordering, map->supplement);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:389:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,block.dirs[ret-1]);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:391:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename,block.maps[ret-1]);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1999:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(npt,rpl);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2929:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strings[3*r+2].u.md_str,stylelist[i][other_pos].str);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2939:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp+(pt-new),stylelist[i][other_pos].str);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2940:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp+(pt-new),pt+strlen(stylelist[i][j].str));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2955:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(strings[3*r+2].u.md_str,new);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3316:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buffer, data[l], tm->tm_year+1900, author );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3319:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buffer, data[l], reservedname );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3324:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pt, bpt );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:593:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,oldname);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:597:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,s2d ? ".sfdir" : ".sfd" );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:640:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,fn);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:651:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,save_to_dir ? ".sfdir" : ".sfd");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1101:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,temp); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1101:58: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(full,temp); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3658:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(filename,buf2);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4057:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,fv->b.sf->filename);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4059:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,compressors[fv->b.sf->compression-1].ext);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4061:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(buf,F_OK)==0 )
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4896:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(buffer,F_OK)==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5693:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( feat_sc->name, "%s.%s", base_sc->name, fv->cur_subtable->suffix );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5699:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( feat_sc->name,"%s.m%d_%d", base_sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5705:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( feat_sc->name,"%s.%c%c%c%c", base_sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:6405:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(data+cnt,sf->glyphs[gid]->name);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:7793:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rpt,repr);
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:52:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,filename); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:52:43: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(full,filename); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1469:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( ret, "%s: %s", prefix, first->name);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1473:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( ret, "%s: %s, %s", prefix, first->name, second->name );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1477:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( ret, "%s: %s, %s ...", prefix, first->name, second->name );
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:317:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,h->chars[i]->name);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:172:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,strings[1*i+0].u.md_str);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:379:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,otl->lookup_name);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:560:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,otll[i]->lookup_name);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4557:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rpt,start);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4595:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,sc->name);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5291:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( def, "%s-%d", sub->lookup->lookup_name, name_search++ );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6625:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,sourcesc->name);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6626:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name+(pt-sourcesc->name),suffix);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:262:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,lang);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:266:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,hunh);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:268:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(full,spacer);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:269:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(full,temp);
data/fontforge-20201107~dfsg/fontforgeexe/math.c:286:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str+len,gv->parts[i].component);
data/fontforge-20201107~dfsg/fontforgeexe/math.c:292:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str+len,buffer);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5137:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,sname); strcat(temp,"{"); strcat(temp,lname); strcat(temp,"}");
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5137:45: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcpy(temp,sname); strcat(temp,"{"); strcat(temp,lname); strcat(temp,"}");
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5141:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,sbuf); temp[4] = '{'; strcpy(temp+5,lbuf); temp[9]='}'; temp[10] = 0;
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5141:41: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,sbuf); temp[4] = '{'; strcpy(temp+5,lbuf); temp[9]='}'; temp[10] = 0;
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5298:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt, mv->chars[cnt]->name);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:128:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,dv);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp+len,ndv);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:142:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp+len,cdv);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:550:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(axisnames[i],an);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:551:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(axisnames[i],axisrange);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1363:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ret,"dup %g le {%s} {%s} ifelse", (double) positions[i+1], buffer, elsepart );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1422:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ret,"dup %g le {%s} {%s} ifelse", (double) axis->designs[i+1], buffer, elsepart );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1435:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,header);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1436:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,ret);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1529:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(standard_cdvs[4],cdv_4axis[0]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1530:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(standard_cdvs[4],cdv_4axis[1]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1531:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(standard_cdvs[4],cdv_4axis[2]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2825:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(designs[i]+len1, buffer );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2829:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(normalized[i]+len2, buffer );
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:271:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"inf%sinf", coord_sep);
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:276:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"%g%s%g", x, coord_sep, y );
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:781:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/prefs", ffdir);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:910:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,enc);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2606:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s/FontsOpenAtLastQuit", ffdir);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2139:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str,end+1); /* Skip the space */
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2143:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(res+(str-*base),new);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2144:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(res,end);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4284:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len,_(vserrornames[m]));
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1186:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dir);
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1188:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,filename);
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1316:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_name, "%s-%s", timestamp, original_name);
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:788:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename, st->li.fontlist->fd->sf->fontname);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:359:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:360:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name,kc->seconds[i]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:439:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:455:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:456:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.glyph.names);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:464:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:465:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.glyph.fore);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:525:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:526:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.coverage.bcovers[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:535:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:536:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.coverage.ncovers[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:545:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:546:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.coverage.fcovers[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:573:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:574:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,r->u.rcoverage.replacements);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:609:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, _("%s by %s"), _(type[fpst->type-pst_contextpos]),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:620:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:621:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,fpst->bclass[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:630:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:631:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,fpst->nclass[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:640:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:641:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,fpst->fclass[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:708:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lines[len].label,buf);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:709:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lines[len].label,sm->classes[j]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:958:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lbuf,"%s ∆x=%d ∆y=%d ∆x_adv=%d ∆y_adv=%d",
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:963:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lbuf, "%s %s %s", sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1143:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf+7,S_((char *) languages[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1290:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf+7,S_((char *) languages[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1315:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,_sf->mark_class_names[i]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1317:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp,_sf->mark_classes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1427:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%.70s %s", sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1587:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, _("Default Baseline: '%s'"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1608:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s: %s", sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1715:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%.70s dir=%s", sc->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1875:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf+7,S_((char*) scripts[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1883:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,S_("writing system|Script"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1913:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf+7,S_((char*) scripts[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1921:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf,S_("writing system|Script"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2032:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer,sizeof(buffer),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2042:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer,sizeof(buffer),
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:426:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "DYLD_LIBRARY_PATH=\"\"; osascript -e 'tell application \"X11\" to activate'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:440:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "DYLD_LIBRARY_PATH=\"\"; osascript -e 'tell application \"X11\" to activate'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:454:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "DYLD_LIBRARY_PATH=\"\"; osascript -e 'tell application \"X11\" to activate'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:501:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "DYLD_LIBRARY_PATH=\"\"; osascript -e 'tell application \"X11\" to activate'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:579:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s/.FontForge-LogFile.txt", getenv("HOME"));
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:721:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(full,window_name);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:723:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(full,cmndline_val);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:737:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s/FontsOpenAtLastQuit", ffdir );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:996:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "osascript -e 'tell application \"X11\" to launch'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:997:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "osascript -e 'tell application \"X11\" to activate'" );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1014:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(env, lang);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1374:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname,buffer); strcat(fname,"/glyphs/contents.plist");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1381:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname,buffer); strcat(fname,"/font.props");
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:946:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buf, i+smd->offtop<100 ? "St%d" : "%d", i+smd->offtop );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1003:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,indicverbs[0][this->flags&0xf]);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:147:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),format,ap);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:323:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ret, errdata.errlines[s_l]+s_c );
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:327:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,errdata.errlines[l]);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:581:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer,sizeof(buffer),format,ap);
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:87:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ret, sc->name );
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:859:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf,sizeof(buf)/sizeof(buf[0]),question,ap);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:604:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buffer,inschr.map<em_first2byte?"0x%02x":"0x%04x", resch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:838:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( buffer, inschr.map<em_first2byte?"0x%02x":"0x%04x", ch );
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:208:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), fmt, ap);
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:223:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, fmt, ap);
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:240:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf+strlen(buf), fmt, ap);
data/fontforge-20201107~dfsg/gdraw/ggdkdrawlogger.c:84:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, BUFSIZ, fmt, va);
data/fontforge-20201107~dfsg/gdraw/gmenu.c:396:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( buffer, tmp);
data/fontforge-20201107~dfsg/gdraw/gresedit.c:103:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( fontname, "%d %s%dpt %s", rq.weight,
data/fontforge-20201107~dfsg/gdraw/gresedit.c:109:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( fontname, "%d %s%dpt %s", rq.weight,
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:390:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( path,"%s/%s", imagepath[k], bucket->filename );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:456:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absname,getenv("HOME"));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:517:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( path,"%s/%s", imagepath[k], filename );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:575:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absname,getenv("HOME"));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:576:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absname,fname+1);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:1556:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret+len,propret[i]);
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:164:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/hotkeys%s", ffdir, extension);
data/fontforge-20201107~dfsg/gutils/fsys.c:212:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dirname_);
data/fontforge-20201107~dfsg/gutils/fsys.c:215:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,name);
data/fontforge-20201107~dfsg/gutils/fsys.c:280:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,dir);
data/fontforge-20201107~dfsg/gutils/fsys.c:290:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer+len,fname);
data/fontforge-20201107~dfsg/gutils/fsys.c:341:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret,dir);
data/fontforge-20201107~dfsg/gutils/fsys.c:345:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pt,name);
data/fontforge-20201107~dfsg/gutils/fsys.c:379:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(file,0)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:383:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(file,02)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:400:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(file,04)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:525:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename,"%s/%s", path, prog);
data/fontforge-20201107~dfsg/gutils/fsys.c:526:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(filename,1)!= -1 ) {
data/fontforge-20201107~dfsg/gutils/fsys.c:540:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename,"%.*s/%s", (int)(pt-path), path, prog);
data/fontforge-20201107~dfsg/gutils/fsys.c:543:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(filename,1)!= -1 ) {
data/fontforge-20201107~dfsg/gutils/fsys.c:550:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename,"%s/%s", path, prog);
data/fontforge-20201107~dfsg/gutils/fsys.c:551:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access(filename,1)!= -1 )
data/fontforge-20201107~dfsg/gutils/fsys.c:762:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(buffer,0)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:768:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(buffer,02)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:786:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return( access(buffer,04)==0 );
data/fontforge-20201107~dfsg/gutils/fsys.c:868:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sharedir,prefix);
data/fontforge-20201107~dfsg/gutils/fsys.c:884:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sharedir,prefix);
data/fontforge-20201107~dfsg/gutils/fsys.c:901:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sharedir,prefix);
data/fontforge-20201107~dfsg/gutils/fsys.c:902:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sharedir,postfix);
data/fontforge-20201107~dfsg/gutils/fsys.c:1117:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, path);
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:46:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file,j==0?" ":"\t");
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:59:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file,j==0?" ":"\t");
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:82:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file,base->image_type==it_true?" it_true,\n":
data/fontforge-20201107~dfsg/gutils/giofile.c:117:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,path);
data/fontforge-20201107~dfsg/gutils/giofile.c:125:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ept,ent->d_name);
data/fontforge-20201107~dfsg/inc/basics.h:70:20: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define TRACE(...) fprintf(stderr, __VA_ARGS__)
data/fontforge-20201107~dfsg/inc/ustring.h:45:65: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define PRINTF_FORMAT_ATTRIBUTE(x, y) __attribute__((format(printf, x, y)))
data/fontforge-20201107~dfsg/tests/randomtest.c:358:5: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp(command,command,"-c","Open($1)",testfont,NULL);
data/fontforge-20201107~dfsg/tests/randomtest.c:377:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( buffer, "%s/test%d", results_dir, test_num++ );
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:72:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:801:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/fontforge/autotrace.c:203:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (dir=getenv("TMPDIR"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:221:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (dir=getenv("TMPDIR"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:609:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (( path = getenv("PATH"))==NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:646:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (( name = getenv("POTRACE"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:649:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (( name = getenv("AUTOTRACE"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:651:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (( name = getenv("POTRACE"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/autotrace.c:674:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (( name = getenv("MF"))!=NULL )
data/fontforge-20201107~dfsg/fontforge/cvexport.c:126:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/fontforge/cvexport.c:249:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/fontforge/cvexport.c:258:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( zoffset==0 || getenv("SOURCE_DATE_EPOCH") )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2210:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *dir = getenv("TMPDIR");
data/fontforge-20201107~dfsg/fontforge/langfreq.c:1893:11: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cum = g_random_double();
data/fontforge-20201107~dfsg/fontforge/langfreq.c:1943:12: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cum = g_random_double();
data/fontforge-20201107~dfsg/fontforge/langfreq.c:1957:8: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cum = g_random_double();
data/fontforge-20201107~dfsg/fontforge/langfreq.c:1975:6: [3] (random) g_random_int_range:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
i = g_random_int_range(0, cnt);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2027:4: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
g_random_double() >= lf->all_consonants[len] ) {
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2048:15: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
retry = g_random_double() >= lf->vowel_run[vlen+1]/lf->vowel_run[2];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2050:15: [3] (random) g_random_double:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
retry = g_random_double() >= lf->consonant_run[vlen+1]/lf->consonant_run[2];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2180:9: [3] (random) g_random_int_range:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
i = g_random_int_range(0, chrs->cnt);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2202:23: [3] (random) g_random_int_range:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int i, len = 20 + g_random_int_range(0, 65);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2267:12: [3] (random) g_random_int_range:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int pos = g_random_int_range(0, cnt+1);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1300:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
loc = getenv("LC_ALL");
data/fontforge-20201107~dfsg/fontforge/macenc.c:1301:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_MESSAGES");
data/fontforge-20201107~dfsg/fontforge/macenc.c:1302:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LANG");
data/fontforge-20201107~dfsg/fontforge/noprefs.c:630:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
loc = getenv("LC_ALL");
data/fontforge-20201107~dfsg/fontforge/noprefs.c:631:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_CTYPE");
data/fontforge-20201107~dfsg/fontforge/noprefs.c:633:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LANG");
data/fontforge-20201107~dfsg/fontforge/noprefs.c:661:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(tv.tv_usec);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:667:10: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
r2 = g_random_int();
data/fontforge-20201107~dfsg/fontforge/parsettf.c:306:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
lang = getenv(envs[i]);
data/fontforge-20201107~dfsg/fontforge/print.c:1165:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/fontforge/print.c:1174:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( zoffset==0 || getenv("SOURCE_DATE_EPOCH") )
data/fontforge-20201107~dfsg/fontforge/print.c:2618:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *lang = getenv("LANG");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1115:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( (env = getenv(c->a.vals[1].u.sval))==NULL )
data/fontforge-20201107~dfsg/fontforge/scripting.c:10814:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
verbose = getenv("FONTFORGE_VERBOSE")!=NULL;
data/fontforge-20201107~dfsg/fontforge/scripting.c:10959:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
pt = getenv("FONTFORGE_LANGUAGE");
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1295:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *dir = getenv("TMPDIR");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:802:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *dir = getenv("TMPDIR");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:899:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *dir = getenv("TMPDIR");
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2956:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2999:46: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static void SFChangeXUID(SplineFont *sf, int random) {
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:3012:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if ( random )
data/fontforge-20201107~dfsg/fontforge/start.c:72:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(tv.tv_usec);
data/fontforge-20201107~dfsg/fontforge/start.c:86:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( getenv("FF_SCRIPT_IN_LATIN1") ) use_utf8_in_script=false;
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:962:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
loc = getenv("LC_ALL");
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:963:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_CTYPE");
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:965:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LANG");
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:993:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(tv.tv_usec);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:999:10: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
r2 = g_random_int();
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:577:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( getenv("HOME")!=NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:579:49: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sprintf( buffer, "%s/.FontForge-LogFile.txt", getenv("HOME"));
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:919:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *load_prefs = getenv("FONTFORGE_LOADPREFS");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:946:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HOME")!=NULL) chdir(getenv("HOME"));
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:946:38: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HOME")!=NULL) chdir(getenv("HOME"));
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:990:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( local_x==1 && getenv("DISPLAY")==NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1000:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ( local_x==1 && *getenv("DISPLAY")!='/' && strcmp(getenv("DISPLAY"),":0.0")!=0 && strcmp(getenv("DISPLAY"),":0")!=0 )
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1000:65: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ( local_x==1 && *getenv("DISPLAY")!='/' && strcmp(getenv("DISPLAY"),":0.0")!=0 && strcmp(getenv("DISPLAY"),":0")!=0 )
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1000:104: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ( local_x==1 && *getenv("DISPLAY")!='/' && strcmp(getenv("DISPLAY"),":0.0")!=0 && strcmp(getenv("DISPLAY"),":0")!=0 )
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1006:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( getenv("DISPLAY")==NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1009:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if( getenv("LC_ALL")==NULL ){
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1072:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( getenv("LANG")==NULL && getenv("LC_MESSAGES")==NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1072:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( getenv("LANG")==NULL && getenv("LC_MESSAGES")==NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:67:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *loc = getenv("LC_ALL");
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:70:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_CTYPE");
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:71:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LANG");
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:72:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_MESSAGES");
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1065:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(home = getenv("HOME"))!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1081:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(home = getenv("HOME"))!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/ggadgets.c:410:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *loc = getenv("LC_ALL");
data/fontforge-20201107~dfsg/gdraw/ggadgets.c:411:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LC_CTYPE");
data/fontforge-20201107~dfsg/gdraw/ggadgets.c:412:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( loc==NULL ) loc = getenv("LANG");
data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c:2568:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("GGDK_DEBUG")) {
data/fontforge-20201107~dfsg/gdraw/ggdkdrawlogger.c:46:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *requested = getenv("GGDK_LOGLEVEL");
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2479:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( getenv("LC_MESSAGES")!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2480:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( strstr(getenv("LC_MESSAGES"),"_US")!=NULL )
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2482:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if ( getenv("LANG")!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2483:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( strstr(getenv("LANG"),"_US")!=NULL )
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:453:57: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if ( *start=='~' && start[1]=='/' && len>=2 && getenv("HOME")!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:454:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
int hlen = strlen(getenv("HOME"));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:456:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcpy(absname,getenv("HOME"));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:573:47: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if ( *fname=='~' && fname[1]=='/' && getenv("HOME")!=NULL ) {
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:574:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *absname = malloc( strlen(getenv("HOME"))+strlen(fname)+8 );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:575:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcpy(absname,getenv("HOME"));
data/fontforge-20201107~dfsg/gutils/fsys.c:152:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char* dir = getenv("HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:154:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dir = getenv("USERPROFILE");
data/fontforge-20201107~dfsg/gutils/fsys.c:166:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dir = getenv("HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:519:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if( (path = getenv("PATH")) != NULL ){
data/fontforge-20201107~dfsg/gutils/fsys.c:538:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if ( (path = getenv("PATH"))!=NULL ) {
data/fontforge-20201107~dfsg/gutils/fsys.c:911:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char* dir = getenv("APPDATA");
data/fontforge-20201107~dfsg/gutils/fsys.c:913:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dir = getenv("USERPROFILE");
data/fontforge-20201107~dfsg/gutils/fsys.c:922:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:963:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("FF_PORTABLE") != NULL) {
data/fontforge-20201107~dfsg/gutils/fsys.c:975:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
xdg = getenv("XDG_CACHE_HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:979:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
xdg = getenv("XDG_CONFIG_HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:983:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
xdg = getenv("XDG_DATA_HOME");
data/fontforge-20201107~dfsg/gutils/fsys.c:1064:12: [3] (buffer) g_get_tmp_dir:
This function is synonymous with 'getenv("TMP")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
return g_get_tmp_dir();
data/fontforge-20201107~dfsg/gutils/gutils.c:40:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
} else if (getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/gutils/gutils.c:41:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *username = getenv("USER");
data/fontforge-20201107~dfsg/gutils/gutils.c:53:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *source_date_epoch = getenv("SOURCE_DATE_EPOCH");
data/fontforge-20201107~dfsg/gutils/gutils.c:65:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SOURCE_DATE_EPOCH")) {
data/fontforge-20201107~dfsg/gutils/gutils.c:66:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
st_time = atol(getenv("SOURCE_DATE_EPOCH"));
data/fontforge-20201107~dfsg/tests/randomtest.c:224:17: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return( low + ((g_random_int()>>8)%(high+1-low)) );
data/fontforge-20201107~dfsg/tests/randomtest.c:226:16: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return( low + (g_random_int()%(high+1-low)) );
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_3[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:139:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_21[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:162:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_22[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:185:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_23[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:208:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_25[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:231:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_26[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:254:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_30[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/MacSymbol.c:277:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char MacSymbol_from_unicode_f8[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_21[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_24[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_25[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:139:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_26[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/ZapfDingbats.c:162:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ZapfDingbats_from_unicode_27[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_1.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_1.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_1_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_10.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_10.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_10_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_10.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_10_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_10.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_10_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_11.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_11.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_11_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_11.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_11_from_unicode_e[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_13.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_13.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_13_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_13.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_13_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_13.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_13_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_14.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_14.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_14_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_14.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_14_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_14.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_14_from_unicode_1e[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_15.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_15.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_15_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_15.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_15_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_15.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_15_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_16_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_16_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_16_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_16.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_16_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_2.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_2.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_2_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_2.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_2_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_2.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_2_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_3.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_3.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_3_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_3.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_3_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_3.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_3_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_4.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_4.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_4_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_4.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_4_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_4.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_4_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_5.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_5.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_5_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_5.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_5_from_unicode_4[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_5.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_5_from_unicode_21[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_6.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_6.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_6_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_6.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_6_from_unicode_6[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_7.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_7.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_7_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_7.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_7_from_unicode_3[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_7.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_7_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_8.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_8.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_8_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_8.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_8_from_unicode_5[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_8.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_8_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_9.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_9.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_9_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/iso_8859_9.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char i8859_9_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/jis201.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/jis201.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jis201_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/jis201.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jis201_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/jis201.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char jis201_from_unicode_ff[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char koi8_r_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char koi8_r_from_unicode_4[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char koi8_r_from_unicode_22[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char koi8_r_from_unicode_23[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/koi8_r.c:139:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char koi8_r_from_unicode_25[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_3[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:139:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:162:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_21[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:185:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_22[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:208:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_25[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:231:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_f8[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/mac.c:254:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char mac_from_unicode_fb[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/win.c:6:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char allzeros[256] = { 0 };
data/fontforge-20201107~dfsg/Unicode/charset/win.c:47:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_from_unicode_0[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/win.c:70:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_from_unicode_1[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/win.c:93:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_from_unicode_2[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/win.c:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_from_unicode_20[256] = {
data/fontforge-20201107~dfsg/Unicode/charset/win.c:139:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char win_from_unicode_21[256] = {
data/fontforge-20201107~dfsg/Unicode/dump.c:119:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *table[256], *plane;
data/fontforge-20201107~dfsg/Unicode/dump.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:129:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( alphabets[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:356:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( adobecjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:420:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( adobecjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:555:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( adobecjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:684:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:688:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( cjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:797:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:807:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( adobecjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:1018:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400+1];
data/fontforge-20201107~dfsg/Unicode/dump.c:1024:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( adobecjk[j], "r" );
data/fontforge-20201107~dfsg/Unicode/dump.c:1186:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( output = fopen( "alphabet.c", "w" ))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/dump.c:1190:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( header = fopen( "chardata.h", "w" ))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/dump.c:1212:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( output = fopen( "cjk.c", "w" ))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/dump.c:1226:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( output = fopen( "backtrns.c", "w" ))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:57:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { short s; char c[2]; } u;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:186:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*inbuf,*outbuf,min);
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:197:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:205:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[0], lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:205:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[0], lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:221:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:223:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = *(unsigned char *) *inbuf, lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:244:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:246:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = *(unsigned char *) *inbuf, lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:275:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:277:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = *(unsigned char *) *inbuf, lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:305:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:307:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = *(unsigned char *) *inbuf, lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:344:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:346:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = *(unsigned char *) *inbuf, lowch = ((unsigned char *) *inbuf)[1];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:372:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uch = (((unsigned char *) *inbuf)[1]<<8) | (*((unsigned char *) *inbuf));
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:374:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uch = (*((unsigned char *) *inbuf)<<8) | (((unsigned char *) *inbuf)[1]);
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:407:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:414:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:414:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:429:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:431:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:431:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:452:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:454:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:454:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:483:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:485:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:485:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:513:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:515:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:515:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:552:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[1], lowch = *(unsigned char *) *inbuf;
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:554:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:554:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
highch = ((unsigned char *) *inbuf)[2], lowch = ((unsigned char *) *inbuf)[3];
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:580:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uch = (((unsigned char *) *inbuf)[3]<<24) |
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:581:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((unsigned char *) *inbuf)[2]<<16) |
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:582:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((unsigned char *) *inbuf)[1]<<8) |
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:586:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((unsigned char *) *inbuf)[1]<<16) |
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:587:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((unsigned char *) *inbuf)[2]<<8) |
data/fontforge-20201107~dfsg/Unicode/gwwiconv.c:588:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((unsigned char *) *inbuf)[3]);
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], buffer2[400];
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:381:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("gdrawbuildchars.c","w");
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:490:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:570:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen("UnicodeData.txt","r");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:128:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[MAXC];
data/fontforge-20201107~dfsg/Unicode/makeutype.c:132:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mynumericvalue[MAXC];
data/fontforge-20201107~dfsg/Unicode/makeutype.c:501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512+1], buf2[300+1], oldname[301], *pt, *end, *pt1;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:508:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("UnicodeData.txt","r"))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:659:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("LineBreak.txt","r"))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:714:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("PropList.txt","r"))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:768:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("NamesList.txt","r"))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:811:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300+1], buf2[300+1], *pt, *end, *pt1;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:816:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(corp,"r"))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:858:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[300+1];
data/fontforge-20201107~dfsg/Unicode/makeutype.c:914:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data = fopen( "ArabicForms.c","w");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1199:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data = fopen("is_Ligature_data.h","w");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1237:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
header=fopen("utype.h","w");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1238:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data = fopen("utype.c","w");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:1577:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( file = fopen("unialt.c","w" ))==NULL ) {
data/fontforge-20201107~dfsg/Unicode/memory.c:58:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,str,n);
data/fontforge-20201107~dfsg/Unicode/ucharmap.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[4];
data/fontforge-20201107~dfsg/Unicode/ucharmap.c:356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[2];
data/fontforge-20201107~dfsg/Unicode/ustring.c:314:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res,pt,n*sizeof(unichar_t));
data/fontforge-20201107~dfsg/Unicode/ustring.c:326:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res,pt,n*sizeof(unichar_t));
data/fontforge-20201107~dfsg/Unicode/ustring.c:422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[60], *pt, *ret;
data/fontforge-20201107~dfsg/Unicode/ustring.c:440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[60], *pt, *ret;
data/fontforge-20201107~dfsg/Unicode/ustring.c:458:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[60], *pt, *ret;
data/fontforge-20201107~dfsg/Unicode/ustring.c:503:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[400];
data/fontforge-20201107~dfsg/Unicode/ustring.c:1052:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ret[100+1];
data/fontforge-20201107~dfsg/Unicode/ustring.c:1110:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(v);
data/fontforge-20201107~dfsg/Unicode/ustring.c:1115:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[101];
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lines[4];
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:56:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
src = fopen(filename,"rs");
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:114:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output = fopen("copyright.patch","w");
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:6:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char used[0x110000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nonuni_names[0x10000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:127:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"CNS1.%d.vert", cid-17408+1 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:129:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"CNS1.%d.vert", cid-17506+13648 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:131:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, "CNS1.17601.vert" );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:133:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, "CNS1.17603.vert" );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:137:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"CNS1.%d.vert", cid-1 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:140:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"CNS1.%d.vert", cid-2 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:143:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.hw", (unsigned int)(cid-13648+' ') );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:146:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, "uni203E.hw" );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:149:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"CNS1.%d", cid );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:158:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(uni), ++used[uni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:168:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)(cid_2_rotunicode[i]) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:170:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "CNS1.%d.vert", j);
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapcns1.c:194:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pua = fopen("cns14.pua","w");
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:6:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char used[0x110000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nonuni_names[0x10000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:117:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"uni%04X.hw", (unsigned int)(uni) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:121:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"GB1.%d.vert", cid-22226+814 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:125:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"GB1.%d.vert", cid-22127+1 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:129:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"GB1.%d.vert", cid-29059+22353 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:133:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"GB1.%d", cid );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:142:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(uni), ++used[uni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:152:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)(cid_2_rotunicode[i]) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapgb1.c:154:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "GB1.%d.vert", j);
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:6:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char used[0x110000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nonuni_names[0x100000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:283:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-7894+665 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:285:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-7899+674 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:287:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-7901+676 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:290:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-8720+1 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:294:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-8950+231 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:297:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9045+599 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:299:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9079+630 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:301:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "Japan1.8719.vert" );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:304:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9084+326 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:307:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9148+391 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:310:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9179+515 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:312:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9263+423 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:315:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9265+504 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:318:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-9277+425 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:320:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, "Japan1.390.vert" );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:323:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-12870+9354 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:326:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-12960+9444 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:329:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", cid-13254+9738 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:331:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)((uni>=VERTMARK?uni-VERTMARK:uni)) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:333:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)((fakeuni>=VERTMARK?fakeuni-VERTMARK:fakeuni)) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:344:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.hw", hwtable390[cid-390] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:346:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.hw", hwtable501[cid-501] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:348:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.hw", hwtable516[cid-516] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:350:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.hw", cid );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:362:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.hw", (unsigned int)(uni) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:364:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.hw", (unsigned int)(fakeuni) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:373:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.italic", (unsigned int)(fakeuni) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:378:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(fakeuni), ++used[fakeuni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:386:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(uni), ++used[uni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:396:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)(cid_2_rotunicode[i]) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan1.c:398:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Japan1.%d.vert", j);
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c:6:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char used[0x110000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nonuni_names[0x10000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c:116:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"Japan2.%d", cid );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapjapan2.c:122:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(uni), ++used[uni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:6:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char used[0x110000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *nonuni_names[0x10000];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[600];
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:126:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.hw", (unsigned int)(fakeuni) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:130:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Korea1.%d.vert", cid-18255+8094 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:134:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Korea1.%d.vert", cid-18155+1 );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:141:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"Korea1.%d", cid );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:147:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.dup%d", (unsigned int)(uni), ++used[uni] );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:157:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", (unsigned int)(cid_2_rotunicode[i]) );
data/fontforge-20201107~dfsg/contrib/cidmap/src/mapkorean.c:159:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Korea1.%d.vert", j);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:510:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:516:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:518:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:698:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[12];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:702:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:705:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pattern,"Base *");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:712:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(otherdir,"/../Encodings");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:716:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(encfilename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:718:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(encfilename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:755:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:758:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:856:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,".sfd");
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CHUNK];
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CHUNK];
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:142:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
woff = fopen( filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:180:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfnt = fopen( outname,"wb+" );
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:257:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outname+(ext-start), "_meta.xml" );
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:258:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
meta = fopen( outname,"wb" );
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:274:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outname+(ext-start), ".priv" );
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:275:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
priv = fopen( outname,"wb" );
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stag[4];
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:122:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ttf = fopen( argv[i],"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontname[17];
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:104:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char panose[10];
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char charcompl[8];
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:480:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
head = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:495:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *cmap = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:827:17: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *os2 = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:917:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *glyf = tmpfile(), *loca = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:917:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *glyf = tmpfile(), *loca = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:972:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *post = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:994:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *name = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1001:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char family[20], style[20], *version="Version 1.0", unique[32];
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1012:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(style,"Bold Italic");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1014:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(style,"Bold");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1016:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(style,"Italic");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1018:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(style,"Regular");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32], *pt, *fpt;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".ttf");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1152:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ttf = fopen(buffer,"wb+");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1360:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32], *pt, *fpt;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1371:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".bdf");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1372:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bdf = fopen(buffer,"wb+");
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1483:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pcl = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:117:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *commands[32] = { "?0", "hstem", "?2", "vstem", "vmoveto",
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:176:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[3000], *pt, *binstart;
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temptok[255];
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:317:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zeros[EODMARKLEN+6+1];
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdtok[255];
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:427:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rdtok,"RD");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:433:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256]/*, *tempname*/;
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:442:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fontname,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:452:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(outputfile,"wb");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:459:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
temp = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:95:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fontfile.open (FileName);
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:105:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enc1.push_back(atoi(encodings.at(i + 1).c_str()) );
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:106:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enc2.push_back(atoi(encodings.at(i + 2).c_str()) );
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:107:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enc3.push_back(atoi(encodings.at(i + 3).c_str()) );
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:123:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fontfile.open (FileName);
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:149:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fontfile.open (FileName);
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:154:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
glyphs.open ("glyphs.txt");
data/fontforge-20201107~dfsg/contrib/fonttools/portablecompositor.cpp:205:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
featurefile.open ("feature.fea");
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:61:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+strlen(buffer)-4,"-new.sfd");
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:63:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"-new");
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:64:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(name,"r");
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:69:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(buffer,"w");
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:730:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *class[16] = { "No classification", "Old Style Serifs", "Transitional Serifs", "Modern Serifs", "Clarendon Serifs", "Slab Serifs", "???", "Freeform Serifs", "Sans Serif", "Ornamentals", "Scripts", "???", "Symbolic", "???", "???", "???" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:731:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass0[16] = { "", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:732:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass1[16] = { "", "ibm rounded", "garalde", "venetian", "modified venetian", "dutch modern", "dutch traditional", "contemporary", "caligraphic", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:733:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass2[16] = { "", "direct line", "script", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:734:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass3[16] = { "", "italian", "script", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:735:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass4[16] = { "", "clarendon", "modern", "traditional", "newspaper", "stub", "monotone", "typewriter", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:736:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass5[16] = { "", "monotone", "humanist", "geometric", "swiss", "typewriter", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:737:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass7[16] = { "", "modern", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:738:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass8[16] = { "", "ibm neogrotesque", "humanist", "low-x rounded", "high-x rounded", "neo-grotesque", "modified neo-grotesque", "???", "???", "typewriter", "matrix", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:739:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass9[16] = { "", "engraver", "black letter", "decorative", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:740:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass10[16] = { "", "???", "uncial", "brush joined", "formal joined", "monotone joined", "calligraphic", "brush unjoined", "formal unjoined", "monotone unjoined", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:741:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *subclass12[16] = { "", "???", "???", "mixed serif", "???", "???", "old style serif", "neo-grotesque sans", "???", "???", "???", "???", "???", "???", "???", "Misc" };
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:742:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char **subclasses[16] = { subclass0, subclass1, subclass2, subclass3,
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:872:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *standardnames[258] = {
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2200:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,">U+%04X<", info->glyph_unicode[i]);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5059:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50], *pt;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5427:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->fontmatrix,stack,(sp>=6?6:sp)*sizeof(double));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5435:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->fontbb,stack,(sp>=4?4:sp)*sizeof(double));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:7027:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ttf = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:7032:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
util = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[2000], *pt;
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:82:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "_%02d.ttf", which );
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:84:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ttf = fopen( outfile,"wb");
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:136:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ttc = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:96:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *standardnames[258] = {
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:763:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:768:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"glyph%d", glyph);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:1088:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:1093:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
eps = fopen(buffer,"w");
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:1145:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ttf = fopen(filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CHUNK];
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CHUNK];
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:80:11: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
tmp = tmpfile();
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:146:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfnt = fopen( filename,"rb");
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:192:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outname+(ext-start),".woff" );
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:193:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
woff = fopen(outname,"wb");
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:247:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
meta = fopen(metafile,"w");
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:274:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
priv = fopen(privfile,"w");
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:128:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->rules[i].lookups,fpst->rules[i].lookups,
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:876:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sm->state,sm->state+sm->class_cnt,sm->class_cnt*sizeof(struct asm_state));
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:985:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sm->state,sm->state+sm->class_cnt,sm->class_cnt*sizeof(struct asm_state));
data/fontforge-20201107~dfsg/fontforge/autohint.c:2086:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->countermasks[0],mask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/autohint.c:2169:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->countermasks[i],masks[i],sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/autohint.c:2218:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->countermasks[i],masks[i],sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/autohint.c:2357:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to[i]->hintmask,mask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/autosave.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autosave.c:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autosave.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:210:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"/PfaEdXXXXXX");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:228:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"/PfaEd");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:231:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( eon, "%04X_mf%d", getpid(), ++cnt );
data/fontforge-20201107~dfsg/fontforge/autotrace.c:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname_in[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname_out[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:311:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ps = fopen(tempname_out, "r");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:353:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempname[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:354:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char (* arglist[30]);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:638:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:684:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025], *ret=NULL;
data/fontforge-20201107~dfsg/fontforge/autotrace.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025], *eod;
data/fontforge-20201107~dfsg/fontforge/autotrace.c:708:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *todelete[100];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:762:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[8];
data/fontforge-20201107~dfsg/fontforge/autotrace.c:799:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/null",O_WRONLY);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:803:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/null",O_RDONLY);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1100:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1396:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vkc->adjusts[n].corrections,kc->adjusts[o].corrections,len);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:294:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ASCII " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:296:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISOLatin1Encoding " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:298:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-2 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:300:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-5 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:302:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-7 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:304:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-9 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:306:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-8 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:308:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-6 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:310:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-4 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:312:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "ISO8859-11 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:314:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "JISX0208.1997 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:316:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "GB2312.1980 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:318:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "KSC5601.1992 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:320:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "BIG5 " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:322:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer , "Symbol " );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[250];
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reg[100], enc[40], *pt;
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:355:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[300];
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:387:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,props,cnt*sizeof(BDFProperties));
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:400:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "FontSpecific" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:403:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "ISO8859" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:408:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "ISO10646" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:411:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "KSC5601.1992" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:414:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "GB2312.1980" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:417:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( reg, "JISX0208.1997" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:443:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(squeeze,"Normal");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:480:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(weight_name,"Medium");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char family_name[80], weight_name[60], slant[10], stylename[40], squeeze[40];
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:564:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reg[100], enc[40];
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:625:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[800];
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[250];
data/fontforge-20201107~dfsg/fontforge/bvedit.c:264:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc->bitmap,from->bitmap,bc->bytes_per_line*(bc->ymax-bc->ymin+1));
data/fontforge-20201107~dfsg/fontforge/bvedit.c:304:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(npt+bc->xmin-xmin,pt,bc->bytes_per_line);
data/fontforge-20201107~dfsg/fontforge/bvedit.c:374:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->bitmap,sel->bitmap,sel->bytes_per_line*(sel->ymax-sel->ymin+1));
data/fontforge-20201107~dfsg/fontforge/bvedit.c:411:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->bitmap,sel->bitmap,sel->bytes_per_line*(sel->ymax-sel->ymin+1));
data/fontforge-20201107~dfsg/fontforge/bvedit.c:455:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(npt,bpt+xmin-bc->xmin,xmax-xmin+1);
data/fontforge-20201107~dfsg/fontforge/bvedit.c:493:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bpt+sel->xmin-bc->xmin,spt,sel->xmax-sel->xmin+1);
data/fontforge-20201107~dfsg/fontforge/bvedit.c:561:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ret,bc,sizeof( BDFChar ));
data/fontforge-20201107~dfsg/fontforge/bvedit.c:563:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ret->bitmap,bc->bitmap,ret->bytes_per_line*(ret->ymax-ret->ymin+1));
data/fontforge-20201107~dfsg/fontforge/bvedit.c:668:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( bc->backup->bitmap,bc->bitmap,bc->bytes_per_line * bmp_width );
data/fontforge-20201107~dfsg/fontforge/cvexport.c:173:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
eps = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldloc[24];
data/fontforge-20201107~dfsg/fontforge/cvexport.c:283:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pi.object_offsets,objlocs,nextobj*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/cvexport.c:321:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
eps = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldloc[24];
data/fontforge-20201107~dfsg/fontforge/cvexport.c:379:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
plate = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:392:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
svg = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:405:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
glif = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:507:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fig = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unicode[8];
data/fontforge-20201107~dfsg/fontforge/cvexport.c:723:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(unicode,"xxxx");
data/fontforge-20201107~dfsg/fontforge/cvexport.c:729:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( unicode,"%d", (int) map->backmap[sc->orig_pos] );
data/fontforge-20201107~dfsg/fontforge/cvexport.c:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/cvimages.c:109:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->layers[pos].stroke_pen.trans, e->u.splines.transform,
data/fontforge-20201107~dfsg/fontforge/cvimages.c:184:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ps = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforge/cvimages.c:233:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pdf = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforge/cvimages.c:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/cvimages.c:877:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/cvimages.c:881:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fig = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforge/cvimages.c:1065:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start [1025];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,bitmap,bytes_per_line*lines);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:899:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref,head,sizeof( BDFRefChar ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:1153:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref,head,sizeof( BDFRefChar ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:1258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2071:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2072:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80]; const char *name;
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2084:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2625:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(adjust->xadjust.corrections,vr->adjust->xadjust.corrections,adjust->xadjust.last_pixel_size-adjust->xadjust.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2629:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(adjust->yadjust.corrections,vr->adjust->yadjust.corrections,adjust->yadjust.last_pixel_size-adjust->yadjust.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2633:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(adjust->xadv.corrections,vr->adjust->xadv.corrections,adjust->xadv.last_pixel_size-adjust->xadv.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2637:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(adjust->yadv.corrections,vr->adjust->yadv.corrections,adjust->yadv.last_pixel_size-adjust->yadv.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2665:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pst->u.pair.vr,frompst->u.pair.vr,sizeof(struct vr[2]));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2669:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pst->u.pos,&frompst->u.pos,sizeof(struct vr));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2690:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ap->xadjust.corrections,fromap->xadjust.corrections,ap->xadjust.last_pixel_size-ap->xadjust.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2694:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ap->yadjust.corrections,fromap->yadjust.corrections,ap->yadjust.last_pixel_size-ap->yadjust.first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2852:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref,head,sizeof( BDFRefChar ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3278:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref,head,sizeof( BDFRefChar ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3304:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ©buffer,tmp,sizeof( Undoes ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3340:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cur,head,sizeof( BDFRefChar ));
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3564:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d@%d", pixelsize, depth );
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3566:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", pixelsize );
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3653:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fv->selected,oldsel,fv->map->enccount);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3881:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX];
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:3883:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen( filename, "w" );
data/fontforge-20201107~dfsg/fontforge/delta.h:46:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
uint8 open;
data/fontforge-20201107~dfsg/fontforge/dumpbdf.c:252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[200];
data/fontforge-20201107~dfsg/fontforge/dumpbdf.c:424:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/dumpbdf.c:439:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"w" );
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:118:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char randombytes[4] = { 0xaa, 0x55, 0x3e, 0x4d };
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:177:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char randombytes[10] = { 0xaa, 0x55, 0x3e, 0x4d, 0x89, 0x98, 'a', '4', 0, 0xff };
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:252:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int isStdEncoding(const char *encoding[256]) {
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:519:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:607:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1227:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sub->values[i] = (uint8 *) copyn((const char *) subrs[i],subrslens[i]);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1235:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sub->values[i] = (uint8 *) copyn((const char *) subrs[i],subrslens[i]);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *privates[16], int instance_count) {
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1367:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *privates[16];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1844:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char (*encoding[256]);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1847:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2004:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g setlinewidth stroke", (double) sf->strokewidth );
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2006:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "fill");
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2048:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8*1024];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2613:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "(Binary) %ld StartData ", len );
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2675:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( out=fopen(fontname,"wb"))==NULL )
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2711:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2721:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"w" );
data/fontforge-20201107~dfsg/fontforge/encoding.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[2];
data/fontforge-20201107~dfsg/fontforge/encoding.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[20], ucs[20];
data/fontforge-20201107~dfsg/fontforge/encoding.c:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/encoding.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[8], ucs[20];
data/fontforge-20201107~dfsg/fontforge/encoding.c:502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/encoding.c:563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/encoding.c:590:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->unicode,encs,max*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/encoding.c:616:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/fontforge-20201107~dfsg/fontforge/encoding.c:677:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->unicode, enc_arr->data, enc_arr->len * sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/encoding.c:684:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->psnames, names_arr->data, names_arr->len * sizeof(char *));
data/fontforge-20201107~dfsg/fontforge/encoding.c:722:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/encoding.c:803:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/encoding.c:811:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( getPfaEditEncodings(), "w");
data/fontforge-20201107~dfsg/fontforge/encoding.c:896:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer,".notdef");
data/fontforge-20201107~dfsg/fontforge/encoding.c:957:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maybe[FILENAME_MAX+1];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1036:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1051:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen( file,"r" );
data/fontforge-20201107~dfsg/fontforge/encoding.c:1100:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *buts[3], *buts2[3], *buts3[3];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[200];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1331:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/encoding.c:1462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1474:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g", (double)cidmaster->cidversion);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1723:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1861:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[130];
data/fontforge-20201107~dfsg/fontforge/encoding.c:1866:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.50s-%.50s-%d", sf->cidregistry, sf->ordering, sf->supplement );
data/fontforge-20201107~dfsg/fontforge/encoding.c:2111:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(map->map,encoded,base*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/encoding.c:2113:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(map->map+base,unencoded,extras*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/encoding.c:2574:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[20];
data/fontforge-20201107~dfsg/fontforge/encoding.c:2628:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char to[20];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cidbuf[20], *nm;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:146:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cidbuf, "\\%d", sc2->orig_pos );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:343:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char space[MAXG+1];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1755:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[100];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1887:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[MAXG+1], featbuf[8], scriptbuf[8], *feat, *script;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2184:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(intersection + ix, class1 + i, length * sizeof (char));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[MAXT+1];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *filename[MAXI];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2385:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[1025], *pt, *filename;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2442:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2493:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tok->tokbuf,"EOF");
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2583:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag[4];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2970:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_glyph[MAXT+1];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3514:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nvr,ovr,sizeof(struct vr));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4180:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->u2.pst->u.pair.vr,vr,sizeof(vr));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4195:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->u2.pst->u.pair.vr,vr,sizeof(vr));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5269:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(feat->u1.params,params,sizeof(params));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5702:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->u2.lcaret,carets,len*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5729:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
item->u1.gdef_classes = chunkalloc(sizeof(char *[4]));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5807:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(active->baseline_tags,baselines,cnt*sizeof(uint32));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5839:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur->baseline_pos,poses,i*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:6007:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
chunkfree(item->u1.gdef_classes,sizeof(char *[4]));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:6474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kc->adjusts[index].corrections,dt->corrections,dt->last_pixel_size-dt->first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:6484:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kp->adjust->corrections,dt->corrections,dt->last_pixel_size-dt->first_pixel_size+1);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:7173:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/fontforge-20201107~dfsg/fontforge/featurefile.c:7340:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/fontforgeui.h:165:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *script_filenames[SCRIPT_MENU_MAX];
data/fontforge-20201107~dfsg/fontforge/fontforgeui.h:169:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *RecentFiles[RECENT_MAX];
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[6];
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:656:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refs->transform,t,sizeof(t));
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1021:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1436:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:2031:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/freetype.c:114:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[60];
data/fontforge-20201107~dfsg/fontforge/freetype.c:119:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "FreeType %d.%d.%d", ma, mi, pa );
data/fontforge-20201107~dfsg/fontforge/freetype.c:412:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bdfc->bitmap,bitmap->buffer,bitmap->rows*bdfc->bytes_per_line);
data/fontforge-20201107~dfsg/fontforge/freetype.c:731:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->bitmap,slot->bitmap.buffer,ret->rows*ret->bytes_per_row);
data/fontforge-20201107~dfsg/fontforge/freetype.c:1057:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clipmask,temp.buffer,bitmap.pitch*bitmap.rows);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1001:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], namebuf[200];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1017:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], namebuf[200];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1631:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref->transform,transform,sizeof(real [6]));
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1661:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc->bitmap,rbc->bitmap+(rbc->ymax-ymax)*rbc->bytes_per_line,
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], namebuf[200];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], namebuf[200];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1821:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1822:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *suffixes[4];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:2301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300], namebuf[300];
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:2942:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[101];
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:55:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(layers,ref->layers,ref->layer_cnt*sizeof(struct reflayer));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:294:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur->u.pair.vr,base->u.pair.vr,sizeof(struct vr [2]));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:299:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur->u.lcaret.carets,base->u.lcaret.carets,cur->u.lcaret.cnt*sizeof(uint16));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:410:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nsm->state,sm->state,nsm->class_cnt*nsm->state_cnt*sizeof(struct asm_state));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:414:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nsm->state[i].u.kern.kerns,sm->state[i].u.kern.kerns,nsm->state[i].u.kern.kcnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:502:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nsc->ttf_instrs,sc->ttf_instrs,sc->ttf_instrs_len);
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:509:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(layers,sc->layers,lycopy*sizeof(Layer));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:541:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nsc->countermasks,sc->countermasks,sc->countermask_cnt*sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:593:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nbc->bitmap,bc->bitmap,(nbc->ymax-nbc->ymin+1)*nbc->bytes_per_line);
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:919:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/fvfonts.c:920:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"glyph%d", sf->glyphcnt);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:89:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "$u%d", ++unique );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[40], tok[100];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:434:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.150s-%d", encname, encoff );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[100], encname[100], weight[100], italic[100], buffer[300], *buf;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:671:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(italic,"Italic");
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:673:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(italic,"Oblique");
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:720:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:738:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "enc-%d", cc);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[257];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:879:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charname[256];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1222:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc->bitmap+(r+i+1)*bc->bytes_per_line,
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encname[101], weight[101], italic[101];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1552:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(italic,"Italic");
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1554:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(italic,"Oblique");
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1699:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc->bitmap,bitmap+offsets[i],
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1709:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc->bitmap+(j-bc->ymin)*bc->bytes_per_line,
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1868:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[10];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1873:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(def,"%d",guess);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1893:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2027:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[100];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2031:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char family[100], mods[200], full[300], foundry[100], comments[1000], fontname[300];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2050:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bdf = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2195:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1500];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2405:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2526:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bdfc->bitmap,base->data,bdfc->bytes_per_line*base->height);
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char held[600];
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strnamebuf[200];
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1455:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( strnamebuf, "%.90s %.90s", TTFNameIds(strid), MSLangString(lang));
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strnamebuf[200];
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:1463:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( strnamebuf, "%.90s %.90s", TTFNameIds(strid), MSLangString(lang));
data/fontforge-20201107~dfsg/fontforge/groups.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/groups.c:124:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
groups = fopen(groupfilename,"w");
data/fontforge-20201107~dfsg/fontforge/groups.c:238:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(g->kids,glist,i*sizeof(Group *));
data/fontforge-20201107~dfsg/fontforge/groups.c:253:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
groups = fopen(groupfilename,"r");
data/fontforge-20201107~dfsg/fontforge/groups.h:40:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned int open: 1;
data/fontforge-20201107~dfsg/fontforge/ikarus.c:391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforge/ikarus.c:411:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "urw%d", number );
data/fontforge-20201107~dfsg/fontforge/ikarus.c:601:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(fontname,"rb");
data/fontforge-20201107~dfsg/fontforge/ikarus.c:606:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnam[13], fullname[81];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:1995:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char word_buf[WORD_MAX+1];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2160:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2185:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char word_buf[WORD_MAX+1];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parabuf[PARA_MAX];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2360:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.70s %c%c%c%c{%c%c%c%c}",
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2368:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%c%c%c%c{dflt}",
data/fontforge-20201107~dfsg/fontforge/lookups.c:1396:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *lookup_type_names[2][10] = {
data/fontforge-20201107~dfsg/fontforge/lookups.c:1590:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lookup_type_names[j][i] = S_((char *) lookup_type_names[j][i]);
data/fontforge-20201107~dfsg/fontforge/lookups.c:1599:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[200], *end = ubuf+sizeof(ubuf), *setname;
data/fontforge-20201107~dfsg/fontforge/lookups.c:1607:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ubuf, "<%d,%d> ", (int) (tag>>16),(int) (tag&0xffff) );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1617:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ubuf,_("Required Feature"));
data/fontforge-20201107~dfsg/fontforge/lookups.c:1632:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strncpy(ubuf+7, (char *) friendlies[k].friendlyname,end-ubuf-7);
data/fontforge-20201107~dfsg/fontforge/lookups.c:1688:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/fontforge-20201107~dfsg/fontforge/lookups.c:1714:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
script = copy( S_((char *) localscripts[j].text) );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1872:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newsl->morelangs,sl->morelangs,(newsl->lang_cnt-MAX_LANG)*sizeof(uint32));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkc->offsets,kc->offsets,newkc->first_cnt*newkc->second_cnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2168:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkc->firsts_flags,kc->firsts_flags,newkc->first_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2172:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkc->seconds_flags,kc->seconds_flags,newkc->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2176:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkc->offsets_flags,kc->offsets_flags,newkc->first_cnt*newkc->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2201:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newfpst->rules,fpst->rules,newfpst->rule_cnt*sizeof(struct fpst_rule));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2207:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->lookups,oldr->lookups,r->lookup_cnt*sizeof(struct seqlookup));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2221:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->u.class.nclasses,oldr->u.class.nclasses, r->u.class.ncnt*sizeof(uint16));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2223:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->u.class.bclasses,oldr->u.class.bclasses, r->u.class.bcnt*sizeof(uint16));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2225:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->u.class.fclasses,oldr->u.class.fclasses, r->u.class.fcnt*sizeof(uint16));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2257:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newsm->state,sm->state,
data/fontforge-20201107~dfsg/fontforge/lookups.c:2262:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newsm->state[i].u.kern.kerns,sm->state[i].u.kern.kerns,newsm->state[i].u.kern.kcnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/lookups.c:2350:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newpst->u.pair.vr,pst->u.pair.vr,sizeof(struct vr [2]));
data/fontforge-20201107~dfsg/fontforge/lookups.c:3880:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(start,rpl,rlen);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new,base,start-base);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3891:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+(start-base),rpl,rlen);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4510:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/lookups.c:4687:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], *str;
data/fontforge-20201107~dfsg/fontforge/lookups.c:4694:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d", class_n );
data/fontforge-20201107~dfsg/fontforge/lookups.h:17:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *lookup_type_names[2][10];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1377:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
uint8 header[128], *hpt; char buffer[256], *pt, *dpt;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1438:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header+102,"mBIN",4);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1557:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MakeMacPSName(char buffer[63],SplineFont *sf) {
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1577:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[63];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1612:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
res = fopen(filename,"wb+");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1676:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
res = fopen(filename,"wb+");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1753:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
res = fopen(binfilename,"wb+");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1805:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1816:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,".bin");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1832:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt-1,".fam");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1834:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt-1,".fam.bin");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1861:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
res = fopen(filename,"wb+");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2104:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Nameless%d", i );
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *psnames[48];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[300];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2532:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[350];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2538:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Bold");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2540:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Italic");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2542:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Underline");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2544:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Outline");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2546:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Shadow");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2548:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Condensed");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2550:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,"Extended");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2831:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[16], buffer2[16];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2938:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(respath,"/..namedfork/rsrc");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2939:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
resfork = fopen(respath,"r");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2942:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(respath,"/rsrc");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2943:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
resfork = fopen(respath,"r");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2958:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[128];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3012:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[20]; char *pt;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3102:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(temp,"rb");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1400];
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3147:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(spt,"resource.frk/");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exten[8];
data/fontforge-20201107~dfsg/fontforge/mm.c:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hold[40], *ret;
data/fontforge-20201107~dfsg/fontforge/mm.c:423:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to->hintmask,tos[0]->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/mm.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *values[MmMax], buffer[32], *space, *pt, *end;
data/fontforge-20201107~dfsg/fontforge/mm.c:601:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g",(double) sum);
data/fontforge-20201107~dfsg/fontforge/mm.c:624:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt,"%g ", (double) sum);
data/fontforge-20201107~dfsg/fontforge/namelist.c:162:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
i = ((unsigned char *) name)[0];
data/fontforge-20201107~dfsg/fontforge/namelist.c:210:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "u%04X", uni);
data/fontforge-20201107~dfsg/fontforge/namelist.c:212:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X", uni);
data/fontforge-20201107~dfsg/fontforge/namelist.c:323:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refs,out,ocnt*sizeof(RefChar *));
data/fontforge-20201107~dfsg/fontforge/namelist.c:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *pt;
data/fontforge-20201107~dfsg/fontforge/namelist.c:404:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X", uni);
data/fontforge-20201107~dfsg/fontforge/namelist.c:410:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "u%04X", uni);
data/fontforge-20201107~dfsg/fontforge/namelist.c:418:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(names[cnt],"uni");
data/fontforge-20201107~dfsg/fontforge/namelist.c:423:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt,"%04X", refs[i]->unicodeenc==0x131?'i':'j' );
data/fontforge-20201107~dfsg/fontforge/namelist.c:425:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt,"%04X", CanonicalCombiner(refs[i]->unicodeenc));
data/fontforge-20201107~dfsg/fontforge/namelist.c:531:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/namelist.c:533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/namelist.c:701:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/namelist.c:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char space[80]; /* glyph names are supposed to be less<=31 chars */
data/fontforge-20201107~dfsg/fontforge/namelist.c:731:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[32];
data/fontforge-20201107~dfsg/fontforge/namelist.c:744:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X", sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforge/namelist.c:746:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "u%04X", sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforge/namelist.c:868:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bits[i].start+diff,bits[i].rpl->name,len);
data/fontforge-20201107~dfsg/fontforge/namelist.c:879:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( last,last_orig,bits[i].start-last_orig);
data/fontforge-20201107~dfsg/fontforge/namelist.c:1017:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40]; const char *name;
data/fontforge-20201107~dfsg/fontforge/nonlineartrans.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:147:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *script_filenames[SCRIPT_MENU_MAX];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:150:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *RecentFiles[RECENT_MAX];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:668:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "1021 %d %d", r1, r2 );
data/fontforge-20201107~dfsg/fontforge/noprefs.c:706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1100];
data/fontforge-20201107~dfsg/fontforge/noprefs.c:715:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( prefs!=NULL && (p=fopen(prefs,"r"))!=NULL ) {
data/fontforge-20201107~dfsg/fontforge/noprefs.c:823:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (p=fopen(prefs,"w"))==NULL )
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], *str;
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], *str;
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:94:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int NOUI_choose_multiple(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:94:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int NOUI_choose_multiple(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:94:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int NOUI_choose_multiple(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:95:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int cnt, char *buts[2], const char *question,...) {
data/fontforge-20201107~dfsg/fontforge/othersubrs.c:503:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free( (char *) othersubrs_copyright[0][i]);
data/fontforge-20201107~dfsg/fontforge/othersubrs.c:510:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free( (char *) othersubrs[j][i]);
data/fontforge-20201107~dfsg/fontforge/othersubrs.c:518:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *os = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/othersubrs.c:519:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[500];
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[33];
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:353:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:408:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt2,".pdb");
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:409:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(fn,"wb");
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *choices[5];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[60];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1238:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->u.splines.transform,transform,6*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1575:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gsaves[gsp].transform,transform,sizeof(transform));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1691:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suffix[8], *name, *nname, buffer[400];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1710:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(suffix, ".alt%d", ndups);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[200], *ccval, prevtok[200]="";
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1801:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmappings, mappings, mappings_length);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1846:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prevtok,tok,200);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:2052:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (pc.pdf=fopen(filename,"r"))==NULL )
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:2161:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pdf = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:2173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldloc[24];
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:2209:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:84:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void copyenc(char *encoding[256], const char *std[256]) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:84:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void copyenc(char *encoding[256], const char *std[256]) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:348:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void setStdEnc(char *encoding[256]) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:352:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void setLatin1Enc(char *encoding[256]) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:941:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bpt, *bs, *end = buffer+sizeof(buffer)-1;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1267:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subrs->values[index],bs,bpt-bs);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[200], *pt;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], *pt, *endtok;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2005:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chars->values[i],binstart,binlen);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2029:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chars->values[i],binstart,binlen);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2094:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temptok[255];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2275:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zeros[EODMARKLEN+6+1];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2491:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontsetname[256];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2548:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024]; /* 256 was okay, but need this much now when some lines are concatenated */
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2550:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdtok[20];
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2553:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rdtok,"RD");
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2664:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fontname,"rb");
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2767:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2000], *pt, *end;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2793:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return( _NamesReadPostScript( fopen(filename,"rb")));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langcountry[8], language[4];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1626:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2796:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50], *pt;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3094:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->fontmatrix,stack,(sp>=6?6:sp)*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3101:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->fontbb,stack,(sp>=4?4:sp)*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3146:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td->weightvector,stack+1,(sp-4)*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3360:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dicts[i]->fontmatrix,parent_dict->fontmatrix,6*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3621:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", array[j]);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3642:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%g ", (double) array[j]);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3660:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%d", val );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3668:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"[%d]", val );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3673:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3676:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%g", val );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3718:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"UntitledSubFont_%d", ++nameless );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3859:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4054:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buffer[41];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4435:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4436:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "u%04X.vs%04X", uni, vs_data[i].vs );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4487:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[500];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5355:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.20s-%d", info->ordering, i );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5357:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "nounicode.%d.%d.%x", info->platform, info->specific,
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5360:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "glyph%d", i );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5565:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5808:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5996:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char versionbuf[40];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6024:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( versionbuf, "Version %f", sf->cidversion );
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6026:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(versionbuf,"Version %.20s ", sf->version);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6356:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ttf = fopen(strippedname,"rb");
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6379:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *cff = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6394:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *cff = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6416:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ttf = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:778:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:1905:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[5], *pt=tag;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2168:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[5];
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3576:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[60];
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3589:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( name, "Out-Of-Range-GID-%d", badgid );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4808:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->variations->tuples[ctup].chars, tscs, oldgc * sizeof(SplineChar *));
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5326:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[10], buffer[50], *ext;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5411:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ebuf, "%cpart%d", isv?'v':'h', i );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5931:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300], *format;
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:557:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", sizes[i].ppem );
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:559:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d@%d", sizes[i].ppem, sizes[i].depth );
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:991:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( bc->backup->bitmap,bc->bitmap,bc->bytes_per_line * bmp_width );
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:649:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cvt->data,orig_cvt->data,cvt->len);
data/fontforge-20201107~dfsg/fontforge/print.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/print.c:642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/print.c:2619:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char langbuf[12], *pt;
data/fontforge-20201107~dfsg/fontforge/print.c:2727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *randoms[100];
data/fontforge-20201107~dfsg/fontforge/print.c:2728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[220], *pt;
data/fontforge-20201107~dfsg/fontforge/print.c:2847:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[40], buf[10];
data/fontforge-20201107~dfsg/fontforge/print.c:2870:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", pi->copies );
data/fontforge-20201107~dfsg/fontforge/print.c:2880:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"-#%d", pi->copies );
data/fontforge-20201107~dfsg/fontforge/print.c:3021:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( filename,"rb" );
data/fontforge-20201107~dfsg/fontforge/print.c:3044:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/print.c:3058:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforge/print.c:3095:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pi.out = fopen(outputfile,"wb");
data/fontforge-20201107~dfsg/fontforge/print.h:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psfontname[300];
data/fontforge-20201107~dfsg/fontforge/psfont.h:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*encoding[256]);
data/fontforge-20201107~dfsg/fontforge/psfont.h:182:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char (*AdobeStandardEncoding[256]);
data/fontforge-20201107~dfsg/fontforge/psfont.h:183:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char (*AdobeExpertEncoding[256]);
data/fontforge-20201107~dfsg/fontforge/psread.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fogbuf[60];
data/fontforge-20201107~dfsg/fontforge/psread.c:290:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( io->fogbuf, "%d ", ch-100);
data/fontforge-20201107~dfsg/fontforge/psread.c:425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commentbuffer[128], *pt;
data/fontforge-20201107~dfsg/fontforge/psread.c:598:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to,trans,sizeof(trans));
data/fontforge-20201107~dfsg/fontforge/psread.c:1000:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->u.splines.transform,transform,6*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/psread.c:1145:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,base,upt-base);
data/fontforge-20201107~dfsg/fontforge/psread.c:1205:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data,data,datalen);
data/fontforge-20201107~dfsg/fontforge/psread.c:1208:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data+i*base->bytes_per_line,data+(height-i)*base->bytes_per_line,
data/fontforge-20201107~dfsg/fontforge/psread.c:1228:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->u.image.transform,transform,sizeof(real[6]));
data/fontforge-20201107~dfsg/fontforge/psread.c:2020:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref->transform,transform,sizeof(transform));
data/fontforge-20201107~dfsg/fontforge/psread.c:2424:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->u.splines.transform,transform,sizeof(transform));
data/fontforge-20201107~dfsg/fontforge/psread.c:2469:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gsaves[gsp].transform,transform,sizeof(transform));
data/fontforge-20201107~dfsg/fontforge/psread.c:2761:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stack[sp-1].u.str, "%o", (int) stack[sp-3].u.val );
data/fontforge-20201107~dfsg/fontforge/psread.c:2763:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stack[sp-1].u.str, "%X", (int) stack[sp-3].u.val );
data/fontforge-20201107~dfsg/fontforge/psread.c:2765:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stack[sp-1].u.str, "%g", (double) stack[sp-3].u.val );
data/fontforge-20201107~dfsg/fontforge/psread.c:2774:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stack[sp-1].u.str, "%g", (double) stack[sp-2].u.val );
data/fontforge-20201107~dfsg/fontforge/psread.c:2789:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stack[sp-1].u.str, "-- nostringval --" );
data/fontforge-20201107~dfsg/fontforge/psread.c:2948:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(transform,sc->layers[layer].stroke_pen.trans,4*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/psread.c:3248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[10];
data/fontforge-20201107~dfsg/fontforge/psread.c:3284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100];
data/fontforge-20201107~dfsg/fontforge/psread.c:3358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[1024];
data/fontforge-20201107~dfsg/fontforge/psread.c:3362:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[200];
data/fontforge-20201107~dfsg/fontforge/psread.c:3422:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->unicode,encs,max*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/psread.c:3425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(item->psnames,names,max*sizeof(char *));
data/fontforge-20201107~dfsg/fontforge/psread.c:3521:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hm,&rpl,mb);
data/fontforge-20201107~dfsg/fontforge/psread.c:4036:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unblended,unblended+1,context->instance_count*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/psread.c:4247:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hint->u.unblended,unblended,sizeof(real [2][MmMax]));
data/fontforge-20201107~dfsg/fontforge/psread.c:4299:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hint->u.unblended,unblended,sizeof(real [2][MmMax]));
data/fontforge-20201107~dfsg/fontforge/psread.c:4324:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pending_hm,type1,bytes);
data/fontforge-20201107~dfsg/fontforge/psread.c:4327:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(counters[cp],type1,bytes);
data/fontforge-20201107~dfsg/fontforge/psread.c:4649:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ret->countermasks[i],counters[i],sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/python.c:465:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foo[30];
data/fontforge-20201107~dfsg/fontforge/python.c:468:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( foo,"<%d,%d>", tag>>16, tag&0xffff );
data/fontforge-20201107~dfsg/fontforge/python.c:627:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], *nlist = NULL;
data/fontforge-20201107~dfsg/fontforge/python.c:1202:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instrs,space,len);
data/fontforge-20201107~dfsg/fontforge/python.c:1962:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/python.c:1970:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/python.c:2851:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->spiros,self->spiros,self->spiro_cnt*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/python.c:3873:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt, " <Contour\n" );
data/fontforge-20201107~dfsg/fontforge/python.c:3880:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt," >\n");
data/fontforge-20201107~dfsg/fontforge/python.c:4627:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( locfilename,"wb");
data/fontforge-20201107~dfsg/fontforge/python.c:6462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforge/python.c:6489:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( &repr[at], " CLOSED>" );
data/fontforge-20201107~dfsg/fontforge/python.c:6493:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
at += sprintf( &repr[at], " U+%04X", self->sc->unicodeenc);
data/fontforge-20201107~dfsg/fontforge/python.c:6497:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
at += sprintf( &repr[at], " U+%04X", alt->unienc );
data/fontforge-20201107~dfsg/fontforge/python.c:7106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->ttf_instrs,space,len);
data/fontforge-20201107~dfsg/fontforge/python.c:8483:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *plate = fopen(locfilename,"r");
data/fontforge-20201107~dfsg/fontforge/python.c:8578:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( locfilename,"wb");
data/fontforge-20201107~dfsg/fontforge/python.c:9904:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cvt->data+len1*sizeof(uint16),c2->cvt->data, 2*len2);
data/fontforge-20201107~dfsg/fontforge/python.c:11188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/python.c:11558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[256];
data/fontforge-20201107~dfsg/fontforge/python.c:12060:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fv->selected,sel->fv->selected,len2 );
data/fontforge-20201107~dfsg/fontforge/python.c:12113:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cvt->data,c2->cvt->data,2*len2 );
data/fontforge-20201107~dfsg/fontforge/python.c:12642:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creationtime[200];
data/fontforge-20201107~dfsg/fontforge/python.c:13160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/fontforge-20201107~dfsg/fontforge/python.c:13764:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dummy,tab->data,tab->len);
data/fontforge-20201107~dfsg/fontforge/python.c:14312:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tab->data,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/python.c:14316:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi,tab->data,tab->len);
data/fontforge-20201107~dfsg/fontforge/python.c:14317:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi+tab->len,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/python.c:14354:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instrs,space,len);
data/fontforge-20201107~dfsg/fontforge/python.c:14486:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
diffs = fopen(locfilename,"w");
data/fontforge-20201107~dfsg/fontforge/python.c:16212:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforge/python.c:16384:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(locfilename,"CID");
data/fontforge-20201107~dfsg/fontforge/python.c:16388:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(locfilename,"Var");
data/fontforge-20201107~dfsg/fontforge/python.c:16390:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(locfilename,"MM");
data/fontforge-20201107~dfsg/fontforge/python.c:16391:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(locfilename,".sfd");
data/fontforge-20201107~dfsg/fontforge/python.c:16748:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(locfilename,"w");
data/fontforge-20201107~dfsg/fontforge/python.c:19519:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/fontforge-20201107~dfsg/fontforge/python.c:19611:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( pathname, "rb" );
data/fontforge-20201107~dfsg/fontforge/python.c:19633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subdir[16];
data/fontforge-20201107~dfsg/fontforge/python.c:20067:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) sfnt_name_str_ids[i].name );
data/fontforge-20201107~dfsg/fontforge/python.c:20077:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) sfnt_name_mslangs[i].name );
data/fontforge-20201107~dfsg/fontforge/python.c:20082:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) sfnt_name_mslangs[i].name );
data/fontforge-20201107~dfsg/fontforge/savefont.c:116:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,".afm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:118:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".afm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:121:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
afm = fopen(buf,"w");
data/fontforge-20201107~dfsg/fontforge/savefont.c:144:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pt,".afm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:146:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
afm = fopen(buf,"w");
data/fontforge-20201107~dfsg/fontforge/savefont.c:163:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,".amfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:165:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".amfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:167:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
afm = fopen(buf,"w");
data/fontforge-20201107~dfsg/fontforge/savefont.c:190:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,".tfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:192:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".tfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:196:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tfm = fopen(buf,"wb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:204:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".enc");
data/fontforge-20201107~dfsg/fontforge/savefont.c:205:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
enc = fopen(buf,"wb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:253:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,".ofm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:255:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".ofm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:259:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tfm = fopen(buf,"wb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:267:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".cfg");
data/fontforge-20201107~dfsg/fontforge/savefont.c:268:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
enc = fopen(buf,"wb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:308:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,".pfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:310:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".pfm");
data/fontforge-20201107~dfsg/fontforge/savefont.c:312:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pfm = fopen(buf,"wb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:334:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,"FONTLOG.txt");
data/fontforge-20201107~dfsg/fontforge/savefont.c:336:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt+1,"FONTLOG.txt");
data/fontforge-20201107~dfsg/fontforge/savefont.c:337:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flog = fopen(buf,"a"); // We changed this to append if the file exists.
data/fontforge-20201107~dfsg/fontforge/savefont.c:416:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], *bpt;
data/fontforge-20201107~dfsg/fontforge/savefont.c:424:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(wernerfilename,"r");
data/fontforge-20201107~dfsg/fontforge/savefont.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *spt, *pt, buf[8];
data/fontforge-20201107~dfsg/fontforge/savefont.c:621:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newchars,temp.glyphs,temp.glyphcnt*sizeof(SplineChar *));
data/fontforge-20201107~dfsg/fontforge/savefont.c:658:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt,names[subfont],len);
data/fontforge-20201107~dfsg/fontforge/savefont.c:669:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", subfont );
data/fontforge-20201107~dfsg/fontforge/savefont.c:772:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/savefont.c:939:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"dfont");
data/fontforge-20201107~dfsg/fontforge/savefont.c:1125:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(freeme,"otf");
data/fontforge-20201107~dfsg/fontforge/savefont.c:1127:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(freeme,"otb");
data/fontforge-20201107~dfsg/fontforge/savefont.c:1129:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(freeme,"dfont");
data/fontforge-20201107~dfsg/fontforge/savefont.c:1131:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(freeme,"ttf");
data/fontforge-20201107~dfsg/fontforge/scripting.c:190:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->vals,a->vals,c->argc*sizeof(Val));
data/fontforge-20201107~dfsg/fontforge/scripting.c:205:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->vals+offset,src->vals,src->argc*sizeof(Val));
data/fontforge-20201107~dfsg/fontforge/scripting.c:404:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[400];
data/fontforge-20201107~dfsg/fontforge/scripting.c:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/scripting.c:805:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/scripting.c:1141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/scripting.c:1341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2];
data/fontforge-20201107~dfsg/fontforge/scripting.c:1509:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforge/scripting.c:1540:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", val->u.ival );
data/fontforge-20201107~dfsg/fontforge/scripting.c:1542:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "0u%04X", val->u.ival );
data/fontforge-20201107~dfsg/fontforge/scripting.c:1544:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) val->u.fval );
data/fontforge-20201107~dfsg/fontforge/scripting.c:1546:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "<void>");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1548:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "<" "???" ">");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1718:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1754:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name,append?"ab":"wb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1820:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"/glyphs/contents.plist");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1825:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"/font.props");
data/fontforge-20201107~dfsg/fontforge/scripting.c:1833:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
foo = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:2232:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(locfilename,"wb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:2444:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/scripting.c:2463:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%%n_%%f.%.4s", pt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:2884:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *name = buffer;
data/fontforge-20201107~dfsg/fontforge/scripting.c:2886:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", val->u.ival );
data/fontforge-20201107~dfsg/fontforge/scripting.c:2888:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04X", val->u.ival );
data/fontforge-20201107~dfsg/fontforge/scripting.c:3386:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(locfilename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:3425:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(locfilename,"wb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:4049:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dummy,tab->data,tab->len);
data/fontforge-20201107~dfsg/fontforge/scripting.c:4185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/scripting.c:4309:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dest->layers[ly_back],&layers[ly_back],sizeof(Layer));
data/fontforge-20201107~dfsg/fontforge/scripting.c:4311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dest->layers[layer],&src->layers[layer],sizeof(Layer));
data/fontforge-20201107~dfsg/fontforge/scripting.c:4435:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[4];
data/fontforge-20201107~dfsg/fontforge/scripting.c:4891:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[40];
data/fontforge-20201107~dfsg/fontforge/scripting.c:5073:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforge/scripting.c:5074:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d", i );
data/fontforge-20201107~dfsg/fontforge/scripting.c:5866:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tab->data,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:5870:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi,tab->data,tab->len);
data/fontforge-20201107~dfsg/fontforge/scripting.c:5871:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi+tab->len,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:5893:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->ttf_instrs,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:5897:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi,sc->ttf_instrs,sc->ttf_instrs_len);
data/fontforge-20201107~dfsg/fontforge/scripting.c:5898:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newi+sc->ttf_instrs_len,instrs,icnt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:7169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4];
data/fontforge-20201107~dfsg/fontforge/scripting.c:7376:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/scripting.c:7379:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "<%d,%d>", tag>>16, tag&0xffff );
data/fontforge-20201107~dfsg/fontforge/scripting.c:8346:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
diffs = fopen(c->a.vals[2].u.sval,"wb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:8395:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2], *ptr = NULL;
data/fontforge-20201107~dfsg/fontforge/scripting.c:9778:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sub.script = fopen(sub.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9784:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)pt, ".ff");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9785:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sub.script = fopen(sub.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9787:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)pt, ".pe");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9788:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sub.script = fopen(sub.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9792:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sub.script = fopen(sub.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:9853:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TOK_MAX+1];
data/fontforge-20201107~dfsg/fontforge/scripting.c:10304:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/fontforge-20201107~dfsg/fontforge/scripting.c:10306:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d", other.u.ival);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10530:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/scripting.c:10532:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d", other.u.ival);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10535:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g", (double) other.u.fval);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10570:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sel,c->curfv->selected,selsize);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10607:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->curfv->selected,sel,selsize);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10882:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
c.script = fopen(c.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:11016:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *temp = fopen(argv[i],"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.c:11017:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/scripting.c:11071:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
c.script = fopen(c.filename,"rb");
data/fontforge-20201107~dfsg/fontforge/scripting.h:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok_text[TOK_MAX+1]; /* Irrelevant for user defined funcs */
data/fontforge-20201107~dfsg/fontforge/scstyles.c:707:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &fix->maps[j],&fix->maps[i],sizeof( struct position_maps ));
data/fontforge-20201107~dfsg/fontforge/scstyles.c:1648:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &new_b,&orig_b,sizeof( DBounds ));
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2080:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2597:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2645:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2846:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2881:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/search.c:978:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->transform,subtrans,sizeof(subtrans));
data/fontforge-20201107~dfsg/fontforge/search.c:1252:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(selected,fv->selected,fv->map->enccount);
data/fontforge-20201107~dfsg/fontforge/search.c:1286:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fv->selected,changed,fv->map->enccount);
data/fontforge-20201107~dfsg/fontforge/sfd.c:134:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char inbase64[256] = {
data/fontforge-20201107~dfsg/fontforge/sfd.c:152:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char base64[64] = {
data/fontforge-20201107~dfsg/fontforge/sfd.c:599:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sofar[4];
data/fontforge-20201107~dfsg/fontforge/sfd.c:1894:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gsfd = fopen(glyphfile,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:2149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforge/sfd.c:2156:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d", i );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2877:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen( fontprops,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:2928:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gsfd = fopen(glyphfile,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:2955:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen( strikeprops,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:2984:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen( fontprops,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:3175:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(tempfilename,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:3203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/fontforge-20201107~dfsg/fontforge/sfd.c:3292:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/fontforge-20201107~dfsg/fontforge/sfd.c:3293:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathnew[PATH_MAX];
data/fontforge-20201107~dfsg/fontforge/sfd.c:3386:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:3438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100]; int ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:3457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100]; int ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:3476:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100]; int ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:3534:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tokbuf[100];
data/fontforge-20201107~dfsg/fontforge/sfd.c:3609:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt,base->data+(r-1)*base->bytes_per_line,base->bytes_per_line);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3639:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mime[128];
data/fontforge-20201107~dfsg/fontforge/sfd.c:4069:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[100];
data/fontforge-20201107~dfsg/fontforge/sfd.c:4245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:4624:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/fontforge-20201107~dfsg/fontforge/sfd.c:4665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[200];
data/fontforge-20201107~dfsg/fontforge/sfd.c:5004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2001], ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:5115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2001], ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:5272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ret[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:5297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000], ch;
data/fontforge-20201107~dfsg/fontforge/sfd.c:5625:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->layers[layer].stroke_pen.dashes,dashes,sizeof(dashes));
data/fontforge-20201107~dfsg/fontforge/sfd.c:5626:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->layers[layer].stroke_pen.trans,trans,sizeof(trans));
data/fontforge-20201107~dfsg/fontforge/sfd.c:6196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:6270:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gsfd = fopen(name,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:6543:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/fontforge-20201107~dfsg/fontforge/sfd.c:7042:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], *sofar=calloc(1,1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7152:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gsfd = fopen(name,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:7176:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen(props,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:7201:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen(props,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:7241:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ssfd = fopen(props,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:7640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9072:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9078:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(tok,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9080:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldloc[25], tok[2000];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9141:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(tok,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9143:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(cur_sf->filename,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9215:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sfd = fopen(tok,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[200];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9354:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tok,"<New File>");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[6];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[800], *pt;
data/fontforge-20201107~dfsg/fontforge/sfd.c:9382:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*asfd = fopen(filename, "r")) == NULL) {
data/fontforge-20201107~dfsg/fontforge/sfd.c:9396:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+6, "<New File>");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9435:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[1025];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9447:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *buts[3];
data/fontforge-20201107~dfsg/fontforge/sfd.c:9468:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
asfd = fopen(sf->autosavename,"w");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9534:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sfd = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/sfd.c:9535:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1055:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lines[209];
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1059:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[51*4+1], *pt;
data/fontforge-20201107~dfsg/fontforge/spiro.c:118:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nspiros,spiros,(n+1)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/spiro.c:273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nspiros,spiros,n*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1029:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1038:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1076:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1078:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"uni%04X", sf->glyphs[i]->unicodeenc);
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1080:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"u%04X", sf->glyphs[i]->unicodeenc);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:709:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap+i*bpl,bdfc->bitmap+i*bdfc->bytes_per_line,bpl);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:723:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap+i*bpl,bdfc->bitmap+i*bdfc->bytes_per_line,bpl);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1315:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clipmask,es->bitmap,es->cnt*es->bytes_per_line);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[40];
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1452:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aa[200];
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1465:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size,_("%d pixels"), pixelsize );
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1466:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(aa,_("Generating bitmap font"));
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1468:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(aa,": ");
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1607:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[40];
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1608:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aa[200];
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1624:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(size,_("%d pixels"), pixelsize );
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1625:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(aa,_("Generating anti-alias font"));
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1627:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(aa,": ");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:105:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char namebuf[100];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:136:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "NameMe.%d", i);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:139:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "NameMe.%d.%d", i, ++j);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:422:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( result, "%g", val*scale);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:435:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%g ", val*scale);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:462:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( result, "%g", rint(val*scale));
data/fontforge-20201107~dfsg/fontforge/splinefont.c:475:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%g ", rint(val*scale));
data/fontforge-20201107~dfsg/fontforge/splinefont.c:673:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(listfile,"r");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1500];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:917:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpfilename[L_tmpnam+100];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:926:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(newfile = fopen(tmpfilename,"w"))!=NULL ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:927:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:974:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[251], *temp;
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1089:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(strippedname,"rb");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1109:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"/glyphs/contents.plist");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1115:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"/font.props");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1310:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1326:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1351:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *test = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1406:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char space[20];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1857:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d ", (int) array[i]);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1867:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[211];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1876:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "[%d]", (int) stemsnap[mi]);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1889:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[211];
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1924:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g", (double) val );
data/fontforge-20201107~dfsg/fontforge/splinefont.h:995:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso_2022_escape[8];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:1012:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char ***unicode[17];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:1570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[ttf_namemax]; /* in utf8 */
data/fontforge-20201107~dfsg/fontforge/splinefont.h:1753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char panose[10];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:1768:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os2_vendor[4];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:1989:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *axes[4];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foundry[80];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char family[100];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char weight[80];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slant[40];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setwidth[50];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char add_style[50];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spacing[40];
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cs_reg[80]; /* encoding */
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cs_enc[80]; /* encoding version? */
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2699:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define DECLARE_TEMP_LOCALE() char oldloc[25];
data/fontforge-20201107~dfsg/fontforge/splineorder2.c:884:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->first->hintmask,ss->first->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splineorder2.c:896:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->last->hintmask,spline->to->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splineorder2.c:987:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->first->hintmask,ss->first->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splineorder2.c:997:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to->hintmask,spline->to->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splinesave.c:238:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gi->bits[gi->bcnt].data,gb->base,gi->bits[gi->bcnt].dlen);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:291:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ps->data,gb->base,ps->len);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:314:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(active->bits,gi->bits,active->bcnt*sizeof(struct bits));
data/fontforge-20201107~dfsg/fontforge/splinesave.c:790:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdb->mask,*to->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splinesave.c:1919:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subrs->values[scnt],gi->psubrs[i].data,gi->psubrs[i].len);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:1971:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals+len,gb->bits[j].data,gb->bits[j].dlen);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:1978:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals+len,gi->psubrs[ gb->bits[j].psub_index ].data,
data/fontforge-20201107~dfsg/fontforge/splinesave.c:2317:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdb->mask,*to->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splinesave.c:2795:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdb->mask,*cur->sc->layers[layer].splines->first->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3282:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subrs->values[scnt],gi.psubrs[i].data,gi.psubrs[i].len);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3339:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals+len,gb->bits[j].data,gb->bits[j].dlen);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3346:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals+len,gi.psubrs[ gb->bits[j].psub_index ].data,
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3512:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subrs->values[scnt],gi.psubrs[i].data,gi.psubrs[i].len);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3553:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chrs->values[i]+len,gb->bits[j].data,gb->bits[j].dlen);
data/fontforge-20201107~dfsg/fontforge/splinesave.c:3556:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chrs->values[i]+len,gi.psubrs[ gb->bits[j].psub_index ].data,
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:119:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], *pt, *ept, ch;
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[44], second[44], lig[44], buf2[100];
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:196:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".afm");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:198:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,".AFM");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[280], *pt, lastname[257];
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:211:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:512:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:729:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1353:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[60];
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1363:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ret,"uni");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1366:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%04X", unicode[i] );
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2481:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2566:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encoding[40]; /* first byte is length, rest are a string that names the encoding */
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char family[20]; /* Font Family, preceded by a length byte */
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2683:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *foundnames[4];
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2731:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extensions[ecnt].extens,founds,sizeof(founds));
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2998:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(full,"-Enc");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3004:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header.encoding+1,encname,39);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3013:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header.family+1,familyname,19);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3445:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3446:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200];
data/fontforge-20201107~dfsg/fontforge/splinestroke.c:650:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tpc, nc+max_utan_index, (i-max_utan_index)*sizeof(NibCorner));
data/fontforge-20201107~dfsg/fontforge/splinestroke.c:651:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tpc+(i-max_utan_index), nc, max_utan_index*sizeof(NibCorner));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1295:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cpt->hintmask,pt->hintmask,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1334:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur->spiros,spl->spiros,cur->spiro_cnt*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1425:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme,list+i,(spl->spiro_cnt-1-i)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1426:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme+(spl->spiro_cnt-1-i),list,i*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1428:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme+spl->spiro_cnt-1,list+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1439:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,list+i,(j-i)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1563:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme,list+i,(spl->spiro_cnt-1-i)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1564:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme+(spl->spiro_cnt-1-i),list,i*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1566:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freeme+spl->spiro_cnt-1,list+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:1576:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,list+start,(i-start)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2385:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *XUIDFromFD(int xuid[20]) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2396:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"%d ", xuid[j]);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2717:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->defweights,pscontext->blend_values,mm->instance_count*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2818:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->axismaps[apos].blends,blends,ppos*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2819:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->axismaps[apos].designs,designs,ppos*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2916:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5381:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ap->xadjust.corrections,alist->xadjust.corrections,len);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5386:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ap->yadjust.corrections,alist->yadjust.corrections,len);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5446:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((&new->xadjust)[i].corrections,(&orig->xadjust)[i].corrections,len);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->corrections,orig->corrections,len);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5518:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+adjust->first_pixel_size-size,
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5608:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t->u.class.nclasses,f->u.class.nclasses,
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5612:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t->u.class.bclasses,f->u.class.bclasses,
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5617:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t->u.class.fclasses,f->u.class.fclasses,
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5645:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t->lookups,f->lookups,t->lookup_cnt*sizeof(struct seqlookup));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5830:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newgv->parts,gv->parts,gv->part_cnt*sizeof(struct gv_part));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:5920:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grad->grad_stops,old->grad_stops,old->stop_cnt*sizeof(struct grad_stops));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6106:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->offsets,kc->offsets, new->first_cnt*new->second_cnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->firsts_flags, kc->firsts_flags, new->first_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->seconds_flags, kc->seconds_flags, new->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->offsets_flags, kc->offsets_flags, new->first_cnt*new->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6131:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->adjusts,kc->adjusts, new->first_cnt*new->second_cnt*sizeof(DeviceTable));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6137:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->adjusts[i].corrections,old,len);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6354:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->map,map->map,map->enccount*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6355:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->backmap,map->backmap,map->backmax*sizeof(int32));
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6361:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->remap,map->remap,n*sizeof(struct remap));
data/fontforge-20201107~dfsg/fontforge/splineutil.h:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *XUIDFromFD(int xuid[20]);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:1307:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fp2,fp,tot*sizeof(FitPoint));
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2394:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl->spiros+spl->spiro_cnt-1,
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2899:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Untitled%d", untitled_cnt++ );
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2926:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sf->pfminfo.os2_vendor,"PfEd",4);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2943:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2962:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Copyright (c) %d, %.50s", tm->tm_year+1900, author );
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2964:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Copyright (c) %d, Anonymous", tm->tm_year+1900 );
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2970:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d-%d-%d: Created with FontForge (http://fontforge.org)", tm->tm_year+1900, tm->tm_mon+1, tm->tm_mday );
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:3023:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(npt, "%d]", val );
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:3846:56: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void SplineSetsInsertOpen(SplineSet **tbase,SplineSet *open) {
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:3849:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
for ( p=NULL, spl=*tbase, e=open; e!=NULL; e = next ) {
data/fontforge-20201107~dfsg/fontforge/splineutil2.h:62:64: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
extern void SplineSetsInsertOpen(SplineSet **tbase, SplineSet *open);
data/fontforge-20201107~dfsg/fontforge/stemdb.c:3627:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stem->active,activespace,acnt*sizeof(struct segment));
data/fontforge-20201107~dfsg/fontforge/stemdb.c:4510:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( stem->active,activespace,acnt*sizeof( struct segment ));
data/fontforge-20201107~dfsg/fontforge/stemdb.c:5247:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &master->dependent[i-1],&master->dependent[i],
data/fontforge-20201107~dfsg/fontforge/stemdb.c:5895:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &gd->bd,bd,sizeof( BlueData ));
data/fontforge-20201107~dfsg/fontforge/svg.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[85];
data/fontforge-20201107~dfsg/fontforge/svg.c:193:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "M%g %g", (double) spl->first->me.x, (double) spl->first->me.y );
data/fontforge-20201107~dfsg/fontforge/svg.c:205:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"v%g", (double) (sp->to->me.y-last.y) );
data/fontforge-20201107~dfsg/fontforge/svg.c:207:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"h%g", (double) (sp->to->me.x-last.x) );
data/fontforge-20201107~dfsg/fontforge/svg.c:212:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"l%g %g", (double) (sp->to->me.x-last.x), (double) (sp->to->me.y-last.y) );
data/fontforge-20201107~dfsg/fontforge/svg.c:217:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"t%g %g", (double) (sp->to->me.x-last.x), (double) (sp->to->me.y-last.y) );
data/fontforge-20201107~dfsg/fontforge/svg.c:219:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"q%g %g %g %g",
data/fontforge-20201107~dfsg/fontforge/svg.c:226:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"s%g %g %g %g",
data/fontforge-20201107~dfsg/fontforge/svg.c:230:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"c%g %g %g %g %g %g",
data/fontforge-20201107~dfsg/fontforge/svg.c:357:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(transform,trans,4*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/svg.c:1043:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( file=fopen(fontname,"w+"))==NULL )
data/fontforge-20201107~dfsg/fontforge/svg.c:1924:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(trans,res,sizeof(res));
data/fontforge-20201107~dfsg/fontforge/svg.c:2339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fourchars[4];
data/fontforge-20201107~dfsg/fontforge/svg.c:2490:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ent->u.splines.transform,state->transform,6*sizeof(real));
data/fontforge-20201107~dfsg/fontforge/svg.c:2503:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[200], propbuf[400];
data/fontforge-20201107~dfsg/fontforge/svg.c:2877:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforge/svg.c:2929:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "uni%04X.vert", sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforge/svg.c:2931:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "u%04X.vert", sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforge/svg.c:2954:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforge/svg.c:2959:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "glyph%d", enc);
data/fontforge-20201107~dfsg/fontforge/svg.c:3012:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"uni%04X", (unsigned int) u[len]);
data/fontforge-20201107~dfsg/fontforge/svg.c:3014:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"u%04X", (unsigned int) u[len]);
data/fontforge-20201107~dfsg/fontforge/svg.c:3689:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldloc[25];
data/fontforge-20201107~dfsg/fontforge/tottf.c:130:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ttfstandardnames[258] = {
data/fontforge-20201107~dfsg/fontforge/tottf.c:1429:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforge/tottf.c:1598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], *pt;
data/fontforge-20201107~dfsg/fontforge/tottf.c:1600:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", d);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3001:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pfminfo->panose,info.panose,sizeof(info.panose));
data/fontforge-20201107~dfsg/fontforge/tottf.c:3419:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(os2->achVendID,"PfEd",4);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforge/tottf.c:3795:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Version %f ", (double)sf->cidversion );
data/fontforge-20201107~dfsg/fontforge/tottf.c:3797:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Version %.20s ", sf->version);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3799:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer,"Version 1.0" );
data/fontforge-20201107~dfsg/fontforge/tottf.c:4332:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(glyphs+(pos-1)*planesize+plane0size,tempglyphs,planesize*sizeof(uint16));
data/fontforge-20201107~dfsg/fontforge/tottf.c:4642:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vses,vsbuf,sizeof(vsbuf));
data/fontforge-20201107~dfsg/fontforge/tottf.c:5852:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8];
data/fontforge-20201107~dfsg/fontforge/tottf.c:5909:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(e,".g2n");
data/fontforge-20201107~dfsg/fontforge/tottf.c:5911:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(newname,"wb");
data/fontforge-20201107~dfsg/fontforge/tottf.c:5967:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforge/tottf.c:6057:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforge/tottf.c:6102:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( ttf=fopen(fontname,"wb+"))==NULL )
data/fontforge-20201107~dfsg/fontforge/tottf.c:6573:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(at->head.createtime,at->head.modtime,sizeof(at->head.modtime));
data/fontforge-20201107~dfsg/fontforge/tottf.c:6899:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( ttc=fopen(filename,"wb+"))==NULL )
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:437:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(space,spc,(max-30)*sizeof(SplineChar *));
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:452:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,space,cnt*sizeof(SplineChar *));
data/fontforge-20201107~dfsg/fontforge/tottfvar.c:751:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/fontforge-20201107~dfsg/fontforge/ttf.h:508:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char panose[10]; /* can be set to zero */
data/fontforge-20201107~dfsg/fontforge/ttf.h:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char achVendID[4]; /* can be zero */
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:548:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, " %d", (short) ((iv->instrdata->instrs[i]<<8) | iv->instrdata->instrs[i+1]) );
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:551:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, " %d", iv->instrdata->instrs[i]);
data/fontforge-20201107~dfsg/fontforge/ufo.c:132:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * DOS_reserved[12] = {"CON", "PRN", "AUX", "CLOCK$", "NUL", "COM1", "COM2", "COM3", "COM4", "LPT1", "LPT2", "LPT3"};
data/fontforge-20201107~dfsg/fontforge/ufo.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[256];
data/fontforge-20201107~dfsg/fontforge/ufo.c:457:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmpstring, "<");
data/fontforge-20201107~dfsg/fontforge/ufo.c:460:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmpstring, ">");
data/fontforge-20201107~dfsg/fontforge/ufo.c:463:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmpstring, "&");
data/fontforge-20201107~dfsg/fontforge/ufo.c:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char versionStr[6];
data/fontforge-20201107~dfsg/fontforge/ufo.c:849:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numstring[32];
data/fontforge-20201107~dfsg/fontforge/ufo.c:1329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vendor[8], fc[2];
data/fontforge-20201107~dfsg/fontforge/ufo.c:1332:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vendor,sf->pfminfo.os2_vendor,4);
data/fontforge-20201107~dfsg/fontforge/ufo.c:1339:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fstype[16];
data/fontforge-20201107~dfsg/fontforge/ufo.c:1383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ranges[128];
data/fontforge-20201107~dfsg/fontforge/ufo.c:1394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pages[64];
data/fontforge-20201107~dfsg/fontforge/ufo.c:1956:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *feats = fopen( fname, "w" );
data/fontforge-20201107~dfsg/fontforge/ufo.c:2180:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *info = fopen(fn,"r");
data/fontforge-20201107~dfsg/fontforge/ufo.c:2181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/fontforge/ufo.c:2879:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init,pre,sizeof(pre));
data/fontforge-20201107~dfsg/fontforge/ufo.c:2952:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init,pre,sizeof(pre));
data/fontforge-20201107~dfsg/fontforge/ufo.c:2991:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init,pre,sizeof(pre));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3012:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !open && ss->first != NULL ) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:3019:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init,pre,sizeof(pre));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3020:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init+precnt,temp,sizeof(temp));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3349:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_offsets + (rowpos * (sf->kerns->second_cnt + right_count)) * sizeof(int16), (void *)(sf->kerns->offsets) + (rowpos * sf->kerns->second_cnt) * sizeof(int16), sf->kerns->second_cnt * sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3359:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_offsets_flags + (rowpos * (sf->kerns->second_cnt + right_count)) * sizeof(int), (void *)(sf->kerns->offsets_flags) + (rowpos * sf->kerns->second_cnt) * sizeof(int), sf->kerns->second_cnt * sizeof(int));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_adjusts + (rowpos * (sf->kerns->second_cnt + right_count)) * sizeof(DeviceTable), (void *)(sf->kerns->adjusts) + (rowpos * sf->kerns->second_cnt) * sizeof(DeviceTable), sf->kerns->second_cnt * sizeof(DeviceTable));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3381:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_offsets + (rowpos * (sf->vkerns->second_cnt + below_count)) * sizeof(int16), (void *)(sf->vkerns->offsets) + (rowpos * sf->vkerns->second_cnt) * sizeof(int16), sf->vkerns->second_cnt * sizeof(int16));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3391:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_offsets_flags + (rowpos * (sf->vkerns->second_cnt + below_count)) * sizeof(int), (void *)(sf->vkerns->offsets_flags) + (rowpos * sf->vkerns->second_cnt) * sizeof(int), sf->vkerns->second_cnt * sizeof(int));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3401:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp_adjusts + (rowpos * (sf->vkerns->second_cnt + above_count)) * sizeof(DeviceTable), (void *)(sf->vkerns->adjusts) + (rowpos * sf->vkerns->second_cnt) * sizeof(DeviceTable), sf->vkerns->second_cnt * sizeof(DeviceTable));
data/fontforge-20201107~dfsg/fontforge/ufo.c:3892:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char space[400], *pt, *end;
data/fontforge-20201107~dfsg/fontforge/ufo.c:4122:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fc[2];
data/fontforge-20201107~dfsg/fontforge/uiinterface.h:85:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (*choose_multiple)(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/uiinterface.h:85:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (*choose_multiple)(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/uiinterface.h:85:69: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int (*choose_multiple)(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/fontforge/uiinterface.h:86:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int cnt, char *buts[2], const char *question,...);
data/fontforge-20201107~dfsg/fontforge/views.h:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charselected[ charviewtab_charselectedsz + 1 ];
data/fontforge-20201107~dfsg/fontforge/views.h:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tablabeltxt[ charviewtab_charselectedsz + 1 ];
data/fontforge-20201107~dfsg/fontforge/views.h:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *former_names[CV_TABMAX];
data/fontforge-20201107~dfsg/fontforge/views.h:650:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned int open: 1;
data/fontforge-20201107~dfsg/fontforge/winfonts.c:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright[60+1];
data/fontforge-20201107~dfsg/fontforge/winfonts.c:292:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp," Italic");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:372:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fon = fopen(filename,"rb");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:651:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"wb");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/fontforge-20201107~dfsg/fontforge/winfonts.c:773:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resident_name[200] = "";
data/fontforge-20201107~dfsg/fontforge/winfonts.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char non_resident_name[200] = "";
data/fontforge-20201107~dfsg/fontforge/winfonts.c:781:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[0x1000];
data/fontforge-20201107~dfsg/fontforge/winfonts.c:837:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(non_resident_name + strlen(non_resident_name), ",%d", point_size);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:842:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(non_resident_name, " (VGA res)");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:844:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(non_resident_name, " (8514 res)");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:878:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fon = fopen(filename, "wb");
data/fontforge-20201107~dfsg/fontforge/woff.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CHUNK];
data/fontforge-20201107~dfsg/fontforge/woff.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CHUNK];
data/fontforge-20201107~dfsg/fontforge/woff.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CHUNK];
data/fontforge-20201107~dfsg/fontforge/woff.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CHUNK];
data/fontforge-20201107~dfsg/fontforge/woff.c:555:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (( woff=fopen(fontname,"wb+"))==NULL )
data/fontforge-20201107~dfsg/fontforge/woff.c:624:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *woff = fopen(fontname, "wb");
data/fontforge-20201107~dfsg/fontforgeexe/alignment.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforgeexe/alignment.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforgeexe/alignment.c:391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/alignment.c:463:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", lastsize );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:555:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:558:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) a->apos.x );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:561:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) a->apos.y );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:792:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unichar_t ubuf[20]; char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:797:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", a->xadjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:806:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", a->yadjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:889:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:910:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", i+min );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:921:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", a->xadjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:930:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", a->yadjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:938:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:966:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", (int) rint(ap->me.x) );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:968:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", (int) rint(ap->me.y) );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], xbuf[20], ybuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a.xadjust.corrections,ap->xadjust.corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1198:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a.yadjust.corrections,ap->yadjust.corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1252:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", a.pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1294:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xbuf, "%d", (int) rint(ap->me.x) );
data/fontforge-20201107~dfsg/fontforgeexe/anchorsaway.c:1340:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ybuf, "%d", (int) rint(ap->me.y) );
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sepbuf[20], minbuf[20], maxbuf[20], hbuf[20], lbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:176:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sepbuf, "%d", sf->width_separation );
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:178:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sepbuf, "%d", (int) rint( width_separation * emsize / width_last_em_size ));
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:203:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( minbuf, "%d", (int) rint( sf->descent*tan(sf->italicangle*FF_PI/180 )) );
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:205:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( minbuf, "%d", (int) -rint( sf->ascent*tan(sf->italicangle*FF_PI/180 )) );
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:207:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( minbuf, "%d", (int) rint( width_min_side_bearing * emsize / width_last_em_size ));
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:226:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( maxbuf, "%d", (int) rint( width_max_side_bearing * emsize / width_last_em_size ));
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:250:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hbuf, "%d", (int) rint( width_chunk_height * emsize / width_last_em_size ));
data/fontforge-20201107~dfsg/fontforgeexe/autowidth2dlg.c:269:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( lbuf, "%d", (int) rint( width_loop_cnt * emsize / width_last_em_size ));
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script[4];
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[8];
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script[8];
data/fontforge-20201107~dfsg/fontforgeexe/basedlg.c:713:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:494:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:515:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", bdf->props[i+cur->top_prop].u.val );
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:519:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%u", (unsigned) bdf->props[i+cur->top_prop].u.val );
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:648:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:649:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",bdf->props[line].u.val );
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:711:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:712:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[130];
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:751:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/bdfinfo.c:753:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d@%d", bdf->pixelsize, BDFDepth(bdf));
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:170:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"%.1f",(double) ((sizes[i]&0xffff)*scale) );
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:177:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"@%d", (int) (sizes[i]>>16) );
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:274:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
which[i].text = (unichar_t *) _((char *) which[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:202:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("%1$.80s at %2$d size %3$d from %4$.80s"),
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:822:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:1781:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:1791:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",bv->bc->width);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:1794:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",bv->bc->vwidth);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:1961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:1965:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d:%d", lastx, lasty );
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:2339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:190:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "H<%g,%g>, ",
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:199:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "V<%g,%g>, ",
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:564:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->countermasks[i],ti[i]->userdata,sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:672:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d:%d, ", i, adjust->corrections[i-adjust->first_pixel_size]);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:954:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lcpst->u.lcaret.carets,pst->u.lcaret.carets,pst->u.lcaret.cnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1133:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1230:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newpst->u.pair.vr,pst->u.pair.vr,sizeof(struct vr [2]));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1235:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newpst->u.lcaret.carets,pst->u.lcaret.carets,pst->u.lcaret.cnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1265:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newsc->countermasks,sc->countermasks,sc->countermask_cnt*sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1337:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1687:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1692:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double)(b.minx-margin) );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1694:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double)(b.miny-margin) );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1696:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double)(b.maxx+margin) );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1698:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double)(b.maxy+margin) );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1720:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1828:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *components, *pt, buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[200];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1904:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "%.20s.%d.%.80s", sf->cidmaster->ordering, sc->orig_pos, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1907:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "cid-%d.%.80s", sc->orig_pos, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1912:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "uni%04X.%.80s", sc->unicodeenc, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1916:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "glyph%d.%.80s", sc->orig_pos, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1920:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( namebuf, "%.80s.%.80s", sc->name, suffix );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[100];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:2030:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40], *ctemp; unichar_t ubuf[2], *temp;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:2048:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"U+%04x", i);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:2135:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unichar_t *temp, ubuf[2]; char buf[10];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:2150:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"U+%04x", val);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:2515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3629:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", value );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3656:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3690:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", cnt );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3942:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3943:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3955:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Glyph Info for %.40s"),sc->name);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3977:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"U+%04x", sc->unicodeenc);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4066:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "U+%04x (", *bits );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4075:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, ") ");
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4099:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%02x ", *d_ptr); break;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4101:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%04x ", *d_ptr); break;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4103:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%06x ", *d_ptr); break;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4105:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%08x ", *d_ptr);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4146:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ti[i]->userdata,sc->countermasks[i],sizeof(HintMask));
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4151:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->tex_height);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4157:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->tex_depth);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4163:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->italic_correction);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4172:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->top_accent_horiz);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4188:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->vert_variants!=NULL?sc->vert_variants->italic_correction:0);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4201:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",sc->horiz_variants!=NULL?sc->horiz_variants->italic_correction:0);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4222:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) sc->tile_margin );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4227:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) sc->tile_bounds.minx );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4229:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) sc->tile_bounds.miny );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4231:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) sc->tile_bounds.maxx );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:4233:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) sc->tile_bounds.maxy );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:5535:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lists[i][j].text = (unichar_t *) S_((char *) lists[i][j].text);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:995:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%d", pnum );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:1127:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,"??");
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:1131:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%d", sp->ttfindex );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:1960:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%.1f", (double) val);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:1971:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2049:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name, ubuf[50];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2285:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ubuf+strlen(ubuf),"#%d", ap->lig_index);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2351:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2648:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2822:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:3515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300], *title;
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:3567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:3638:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4011:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[buffersz+1];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4047:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d%%", (int) (100*tab->scale));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4049:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.3g%%", (double) (100*tab->scale));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4053:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char layername[layernamesz+1];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4077:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( buffer, "Interpolate" );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4151:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.1f", sqrt(xdiff*xdiff+ydiff*ydiff));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4155:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d\302\260", (int) rint(180*atan2(ydiff,xdiff)/FF_PI));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:5782:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:5798:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:7060:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20], *end;
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:7064:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",cv->hvoffset );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:8929:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ret[4097];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:9557:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref->transform,t,sizeof(t));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:10149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros,sel->spiros+which,(sel->spiro_cnt-1-which)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:10150:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+(sel->spiro_cnt-1-which),sel->spiros,which*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:10151:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+sel->spiro_cnt-1,sel->spiros+sel->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:10690:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12081:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12208:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mit[0].ti.text = (unichar_t *) copy( (char *) mit[0].ti.text );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12367:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mml,mvlist,sizeof(mvlist));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12443:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mml,mmlist,sizeof(mmlist));
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12883:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:13125:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mblist_nomm[i].ti.text = (unichar_t *) _((char *) mblist_nomm[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:88:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt," ⇐ "); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[140];
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:528:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d ", kern->newoff);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:530:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d,%d ", kern->newoff, kern->newyoff );
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:926:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:957:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
kernmenu[i].ti.text = (unichar_t *) _((char *) kernmenu[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:960:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
acmenu[i].ti.text = (unichar_t *) _((char *) acmenu[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:990:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.20s %d U+%04x",
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:995:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+strlen(buffer)-4, "????");
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:996:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " + %.20s %d U+%04x",
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1001:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+strlen(buffer)-4, "????");
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1036:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1039:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "total kern pairs=%d\nchars starting kerns=%d",
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1042:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "total anchored pairs=%d\nbase char cnt=%d",
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1157:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sortby[i].text = (unichar_t *) _((char *) sortby[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:220:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", classes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:231:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", classes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:252:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", classes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:262:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", classes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:294:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf," %d \"\",", r->lookups[i].seq );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:420:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *classruleitem(struct fpst_rule *r,struct matrix_data **classes, int clen[3], int cols) {
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:423:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:432:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", c);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:446:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", c);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:458:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", c);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:471:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", c);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:481:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void classruleitem2rule(SplineFont *sf,const char *ruletext,struct fpst_rule *r,
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:666:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:927:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:933:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, " %d ", r );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:987:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1853:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *end, *pt;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1865:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",r );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1873:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",r );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1895:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], *end;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1900:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",i-1);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1911:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1915:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", r );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2011:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *titles[2][5] = {
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2052:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addlookup_list+1,lookup_list,(i+1)*sizeof(GTextInfo));
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2054:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addrmlookup_list+2,lookup_list,(i+1)*sizeof(GTextInfo));
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2070:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
section[0].text = (unichar_t *) S_( (char *) section[0].text);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2071:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
section[1].text = (unichar_t *) S_( (char *) section[1].text);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2398:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GDrawGetText8Width(ccd->glyphs_simple,(char *)extrabuttonslab[i].text,-1))+50;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2835:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:2836:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",j );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:3012:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:3013:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",j );
data/fontforge-20201107~dfsg/fontforgeexe/cvaddpoints.c:336:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss->spiros+ss->spiro_cnt-1,
data/fontforge-20201107~dfsg/fontforgeexe/cvaddpoints.c:692:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(activess->spiros+activess->spiro_cnt-1,
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:169:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, " rp0: %d", exc->GS.rp0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:171:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, " rp1: %d", exc->GS.rp1 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:173:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, " rp2: %d", exc->GS.rp2 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:175:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "loop: %ld", exc->GS.loop );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:187:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "MinDist: %.2f", exc->GS.minimum_distance/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:189:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "CvtCutin: %.2f", exc->GS.control_value_cutin/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:191:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "SingWidCut: %.2f", exc->GS.single_width_cutin/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:193:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "SingWidVal: %.2f", exc->GS.single_width_value/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "freeVec: %g,%g", (((int)exc->GS.freeVector.x<<16)>>(16+14)) + ((exc->GS.freeVector.x&0x3fff)/16384.0),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:200:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "projVec: %g,%g", (((int)exc->GS.projVector.x<<16)>>(16+14)) + ((exc->GS.projVector.x&0x3fff)/16384.0),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:203:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "dualVec: %g,%g", (((int)exc->GS.dualVector.x<<16)>>(16+14)) + ((exc->GS.dualVector.x&0x3fff)/16384.0),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:210:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "DeltaBase: %d", exc->GS.delta_base );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:212:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "DeltaShift: %d", exc->GS.delta_shift );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:225:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "SRndPeriod: %.2f", exc->period/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:227:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "SRndPhase: %.2f", exc->phase/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:229:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "SRndThreshold: %.2f", exc->threshold/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:231:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "InstrControl: %d", exc->GS.instruct_control );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:235:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "ScanType: %d", exc->GS.scan_type );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:241:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Pixels/Em: %d", PPEMY(exc) );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:257:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %3ld (%.2f)", i, exc->stack[i], exc->stack[i]/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:268:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:281:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%3d: <uninitialized>"), i );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:283:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %3ld (%.2f)", i, exc->storage[i], exc->storage[i]/64.0 );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:309:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %3ld (%.2f)", dv->cvt_offtop+i,
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:400:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, " : I %.2f,%.2f",
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:403:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, " : I %g,%g",
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:406:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, " : I %g,%g", (double) me.x , (double) me.y );
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:422:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %c%c%c %.2f,%.2f", i,
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:427:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %c%c%c %d,%d", i,
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:431:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%3d: %c%c%c %g,%g", i,
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:915:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
popupwindowlist[i].ti.text = (unichar_t *) _((char *) popupwindowlist[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cspace[210];
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2325:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cspace, "\nRaster On");
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2327:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cspace, "\nRaster Off");
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2347:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cspace, "\nOld Raster On");
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2349:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cspace, "\nOld Raster Off");
data/fontforge-20201107~dfsg/fontforgeexe/cvdgloss.c:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:453:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rcb[3], *temp;
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:632:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100]; unichar_t ubuf[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:641:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
formats[i].text= (unichar_t *) _((char *) formats[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/cvexportdlg.c:660:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cur_formats[cnt].text = (unichar_t *) copy( (char *) formats[cnt].text );
data/fontforge-20201107~dfsg/fontforgeexe/cvfreehand.c:754:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *foo = fopen("mousemove","r");
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:171:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g",(double) (inbase.x-inref.x));
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:173:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g",(double) (inbase.y-inref.y));
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:287:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[6][40], bbbuf[4][40];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basebuf[20], refbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:376:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ubuf, " Unicode: U+%04x", ref->sc->unicodeenc );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:399:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tbuf[i],"%g", (double) ref->transform[i]);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:464:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(basebuf,"%d", ref->match_pt_base);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:487:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(refbuf,"%d", ref->match_pt_ref);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:556:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bbbuf[i],"%g", (double) ((&ref->bb.minx)[i]));
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posbuf[100], scalebuf[100], sizebuf[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:682:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( posbuf, _("Image at: (%.0f,%.0f)"), (double) img->xoff,
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:692:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( scalebuf, _("Scaled by: (%.2f,%.2f)"), (double) img->xscale, (double) img->yscale );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:701:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sizebuf, _("Image Size: %d x %d pixels"), (int) base->width, (int) base->height );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:886:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:888:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d", ap->lig_index );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:917:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:930:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(val,"%g",(double) ap->me.x);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:933:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(val,"%g",(double) ap->me.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:936:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(val,"%d",ap->type==at_baselig?ap->lig_index:0);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:943:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(val,"%d",ap->ttf_pt_index);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:993:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1158:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1160:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", max+1);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1291:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1292:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g",(double) here.x);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1294:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g",(double) here.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1904:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%e", (double) v );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1906:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%f", (double) v );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1908:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.5f", (double) v );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[51];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2038:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Curvature: %g"), kappa*emsize );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2040:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, _("Curvature: ?"));
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2043:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Curvature: %g"), kappa2*emsize );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2048:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "∆: %g", (kappa-kappa2)*emsize );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2050:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, "∆: ?");
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2629:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2639:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "H<%g,%g>",
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2642:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "H<%g,%g>",
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2653:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "V<%g,%g>",
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2656:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "V<%g,%g>",
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2736:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( gi->gcd, gcd, gcdcount*sizeof(GGadgetCreateData) );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3321:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( gi->gcd, gcd, gcdcount*sizeof(GGadgetCreateData) ); // This copies pointers, but only to static things.
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3815:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3887:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[200];
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3890:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvgridfit.c:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], buffer2[20], buffer3[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvgridfit.c:274:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer2, "%d", gridfit_dpi );
data/fontforge-20201107~dfsg/fontforgeexe/cvgridfit.c:298:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", gridfit_pointsizey );
data/fontforge-20201107~dfsg/fontforgeexe/cvgridfit.c:323:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer3, "%g", gridfit_x_sameas_y ? gridfit_pointsizey : gridfit_pointsizex);
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20]; unichar_t ubuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:99:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d/%d", pos, cnt );
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:117:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g", (double) (!hd->active->ghost ? hd->active->start : hd->active->start+hd->active->width) );
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:121:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g", (double) (!hd->active->ghost ? hd->active->width : -hd->active->width) );
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:748:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20]; unichar_t ubuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:782:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) (ishstem ? cv->p.cy : cv->p.cx) );
data/fontforge-20201107~dfsg/fontforgeexe/cvhints.c:879:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) (ishstem ? cv->p.cy : cv->p.cx) );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:50:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ps = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:59:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pdf = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:68:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *plate = fopen(path,"r");
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char accbuf[20], jlbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:384:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( jlbuf, "%g", (double) (ip->default_joinlimit) );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:407:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( accbuf, "%g", (double) (ip->accuracy_target) );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:750:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
formats[i].text = (unichar_t *) _((char *) formats[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:752:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fvformats[i].text = (unichar_t *) _((char *) fvformats[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:769:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cur_formats[cnt].text = (unichar_t *) copy( (char *) base[cnt].text );
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros,spl->spiros+spiro_index,(spl->spiro_cnt-1-spiro_index)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+(spl->spiro_cnt-1-spiro_index),spl->spiros,spiro_index*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:123:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+spl->spiro_cnt-1,newspiros,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:124:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+spl->spiro_cnt,spl->spiros+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:135:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+1,spl->spiros+spiro_index+1,(spl->spiro_cnt-1-(spiro_index+1))*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+1+(spl->spiro_cnt-1-(spiro_index+1)),spl->spiros,(spiro_index+1)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:137:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+spl->spiro_cnt,newspiros,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:138:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newspiros+spl->spiro_cnt+1,spl->spiros+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl2->spiros,spl->spiros+spiro_index,(spl->spiro_cnt-spiro_index)*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl->spiros+spiro_index+1,spl->spiros+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:168:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl2->spiros+1,spl->spiros+spiro_index+1,(spl->spiro_cnt-(spiro_index+1))*sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:172:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl->spiros+spiro_index+1,spl2->spiros,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvknife.c:174:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spl->spiros+spiro_index+2,spl->spiros+spl->spiro_cnt-1,sizeof(spiro_cp));
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:522:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:523:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cenx[20], ceny[20], radx[20], rady[20], angle[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:579:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", *val );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:625:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%4g", star_percent*100 );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:689:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cenx, "%g", (double) cv->info.x );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:699:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ceny, "%g", (double) cv->info.y );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:717:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( radx, "%g", (double) raddiam_x );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:727:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rady, "%g", (double) raddiam_y );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:744:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( angle, "%g", (double) rotate_by );
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:1162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spirotools,tools,sizeof(tools));
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:1710:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char layername[layernamesz+1];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:1747:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2598:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2626:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2910:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvpointer.c:1619:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:64:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,_("No Curvature"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:68:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_(" Curvature: %g"), kappa*emsize);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:70:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_(" Curvature: %g Radius: %g"), kappa*emsize, 1.0/kappa );
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:95:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%f,%f", (double) cv->info.x, (double) cv->info.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:97:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%f %.0f° (%f,%f)", (double) len,
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:129:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Normal Distance: %.2f Along Spline: %.2f"),
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:137:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.2f,%.2f", (double) (cv->info.x/scalex), (double) (cv->info.y/scaley));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:141:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Near (%f,%f)"),
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:145:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Near (%f,%f)"),(double) cv->p.sp->me.x,(double) cv->p.sp->me.y );
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:175:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Spline Length=%.1f"), len);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:177:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Spline Length=%g"), len);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:186:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,_("No Next Control Point"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:188:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Next CP: (%f,%f)"), (double) cv->p.sp->nextcp.x, (double) cv->p.sp->nextcp.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:204:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,_("No Previous Control Point"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:206:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Prev CP: (%f,%f)"), (double) cv->p.sp->prevcp.x, (double) cv->p.sp->prevcp.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:226:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,_("No Previous Control Point"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:228:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Prev CP: (%f,%f)"), (double) cv->p.sp->prevcp.x, (double) cv->p.sp->prevcp.y);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:274:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, _(" snapped"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:286:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, _(" snapped"));
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:791:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:815:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:980:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:1016:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:639:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char anglebuf[20], ecbuf[20], jlbuf[20], accbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char widthbuf[20], axisbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:766:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( widthbuf, "%g", (double) (si->width) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:790:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( axisbuf, "%g", (double) (si->height) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:817:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( anglebuf, "%g", (double) (si->penangle*180/FF_PI) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:988:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( jlbuf, "%g", (double) (si->joinlimit) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:1027:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( accbuf, "%g", (double) (si->accuracy_target) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:1051:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ecbuf, "%g", (double) (si->extendcap) );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2106:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) height );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2134:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", (double) width );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2167:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", skew );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2169:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", rot );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2171:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", trans[4] );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2173:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", trans[5] );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[340];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2203:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "[%g %g %g %g %g %g]", c, s, t*c-s, t*s+c, x, y );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char width[50], height[50], transform[340];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2302:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(transform,"[1 0 0 1 0 0]");
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2307:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( width, "%g", (double) active->width );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2308:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( height, "%g", (double) active->height );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2309:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( transform, "[%g %g %g %g %g %g]",
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2738:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2750:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"#%06x", val );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2784:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char widthbuf[20], fcol[12], scol[12], fopac[30], sopac[30], transbuf[150],
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2836:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fcol, "#%06x", layer->fill_brush.col );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:2879:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( fopac, "%g", layer->fill_brush.opacity );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3031:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( scol, "#%06x", layer->stroke_pen.brush.col );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3075:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sopac, "%g", layer->stroke_pen.brush.opacity );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3210:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( widthbuf, "%g", layer->stroke_pen.width );
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3250:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", layer->stroke_pen.dashes[i]);
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3294:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( transbuf, "[%.4g %.4g %.4g %.4g]", (double) layer->stroke_pen.trans[0],
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dpi_buffer[40], within_buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:280:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dpi_buffer, "%d", delta_dpi );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:314:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( within_buffer, "%g", delta_within );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:473:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !parent->open )
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:519:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( parent->kids[k].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:540:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( where->parent->open && where->offset==-1 ) {
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:620:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:638:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Size: %d (%d)"), size, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:650:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Size: %d (%d)"), size, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:672:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Point: %d (%d)"), pt, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:684:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Point: %d (%d)"), pt, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:707:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "\"%.40s\" (%d)", sc->name, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:719:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "\"%.40s\" (%d)", sc->name, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:731:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:761:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "\"%.40s\" (%d)", sc->name, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:773:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "\"%.40s\" (%d)", sc->name, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:794:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Size: %d (%d)"), size, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:806:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Size: %d (%d)"), size, l-lstart );
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:849:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !where.parent->open )
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:855:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("\"%.40s\" size=%d point=%d (%d,%d) distance=%g"),
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:875:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
where.parent->open = !where.parent->open;
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:973:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sorts[i].text = (unichar_t *) _((char *) sorts[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/deltaui.c:975:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
glyphsorts[i].text = (unichar_t *) _((char *) glyphsorts[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[400];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:231:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
printcap = fopen("/etc/printcap","r");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10], pb[30];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:413:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"US Letter"); /* Pick a name, this is the default case */
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:415:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"US Letter");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:417:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"US Legal");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:419:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"A4");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:421:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"A3");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:423:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pb,"B4");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:425:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pb,"%dx%d mm", (int) (pi->pi.pagewidth*25.4/72),(int) (pi->pi.pageheight*25.4/72));
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:450:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",pi->pi.copies);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:622:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:696:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pi->pi.out = fopen(file,"wb");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:908:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:915:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",size);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:983:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "<%d,%d>", tags[i]>>16, tags[i]&0xffff );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1048:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[12]; unichar_t usize[12];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1072:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( size, "%d", best->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[12]; unichar_t usize[12];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1126:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( size, "%d", best->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100], *pt=buf, *end=buf+sizeof(buf)-10;
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1171:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d,", bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1181:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", best->pixelsize);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1264:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", (int) rint( sample->inner.width*72/lastdpi ));
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1345:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[14]; unichar_t usize[14];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1353:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( size, "%g",
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1495:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,_("Text Width:%4d"), (int) rint(li->xmax*72.0/lastdpi));
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12], dpibuf[12], sizebuf[12], widthbuf[12], pathlen[32];
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1659:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", bestbdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1661:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,"12");
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1854:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dpibuf, "%d", dpi );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1891:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( widthbuf, "%d", width );
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1982:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sizebuf,"%d",active->pi.pointsize);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:2080:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pathlen, _("Path Length: %g"), PathLength(fit_to_path));
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], buffer2[20];
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:242:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", def_outline_width );
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:263:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer2, "%g", def_gap_width );
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], buffer2[20], buffer3[20];
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:434:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", def_outline_width );
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:452:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer2, "%g", def_shadow_len );
data/fontforge-20201107~dfsg/fontforgeexe/effectsui.c:470:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer3, "%g", def_sun_angle );
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:392:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(filename,".cidmap");
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:489:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
encodingtypes[i].text = (unichar_t *) S_((char *) encodingtypes[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:511:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mi[i].ti.text = utf82u_copy((char *) (mi[i].ti.text));
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:551:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ti,encodingtypes,sizeof(encodingtypes)-sizeof(encodingtypes[0]));
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:553:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ti[i].text = (unichar_t *) copy((char *) ti[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1811:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) ttfnameids[i].text );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1825:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) mslanguages[i].text );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1830:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) mslanguages[i].text );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1892:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( strcmp((char *) mi[i].ti.text,strings[j*cols+0].u.md_str)==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1917:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1965:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g", dval );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20]; unichar_t ubuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2352:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", ascent ); if ( ascent==0 ) buf[0]='\0'; uc_strcpy(ubuf,buf);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2354:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", descent ); if ( descent==0 ) buf[0]='\0'; uc_strcpy(ubuf,buf);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2356:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", ascent+descent ); if ( ascent+descent==0 ) buf[0]='\0'; uc_strcpy(ubuf,buf);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30]; unichar_t ubuf[30];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2367:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.1f", val);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2681:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char versionbuf[40], *v;
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2759:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(versionbuf,_("Version %.20s"),
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2783:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return( (char *) mslanguages[i].text );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2785:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%04X", lang );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2791:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2804:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2928:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(strings[3*r+2].u.md_str,"odmiana ");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2954:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(strings[3*r+2].u.md_str,"odmiana ");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3178:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lang, (char *) ttfnameids[k].text );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *bpt;
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3339:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newtns,tns,rows*3*sizeof(struct matrix_data));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os2_vendor[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4104:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4133:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4220:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( strcasecmp(os2v,(char *) os2versions[0].text )== 0 )
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4233:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( strcmp(wc,(char *) widthclass[i].text)==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4349:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4441:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sf->pfminfo.codepages,codepages,sizeof(codepages));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4446:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sf->pfminfo.unicoderanges,uranges,sizeof(uranges));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4491:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sf->pfminfo.os2_vendor,os2_vendor,sizeof(os2_vendor));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4614:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4671:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%g",rint( val-(ismax ? b.maxy : b.miny)) );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4673:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf,"%g",rint( val+(ismax ? b.maxy : b.miny)) );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4755:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_subxsize );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4759:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_subysize );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4763:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_subxoff );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4767:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_subyoff );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4772:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_supxsize );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4776:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_supysize );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4780:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_supxoff );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4784:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_supyoff );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4789:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_strikeysize );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4793:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info->os2_strikeypos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10]; unichar_t ubuf[10];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4868:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) weightclass[info.weight/100-1].text);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4870:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.weight );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4883:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d", d->sf->os2_version );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4926:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.linegap );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4929:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.vlinegap );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4932:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_typolinegap );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4938:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_winascent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4943:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_windescent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4949:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_typoascent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4954:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_typodescent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4958:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_capheight );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4961:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.os2_xheight );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4967:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.hhead_ascent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:4972:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", info.hhead_descent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5059:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char values[20][20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5103:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( values[i], "%g", d->texdata.params[i+7]*(double) (d->sf->ascent+d->sf->descent)/(double) (1<<20));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g", d->texdata.params[i]*(sf->ascent+sf->descent)/(double) (1<<20));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ranges[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5411:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ranges, "%08x.%08x.%08x.%08x", flags[3], flags[2], flags[1], flags[0]);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5426:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ranges[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5428:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ranges, "%08x.%08x.%08x.%08x",
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5464:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ranges[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5475:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ranges, "%08x.%08x", flags[1], flags[0]);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5490:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char codepages[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5492:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( codepages, "%08x.%08x",
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5580:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5681:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5837:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5862:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5885:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:5906:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6025:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6072:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !lk->all[i].deleted && lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6194:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6242:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lkfirst->subtables+lkfirst->subtable_cnt,
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6262:73: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
for ( i=0; i<lk->cnt; ++i ) if ( !lk->all[i].deleted && lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6297:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6577:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !lk->all[i].open )
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6583:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6617:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char popup_msg[600];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6817:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6843:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(filename,"w");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6995:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lookuppopupmenu[i].ti.text = (unichar_t *) _( (char *)lookuppopupmenu[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7098:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( otherlk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7315:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7368:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lk->all[i].open = !lk->all[i].open;
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7411:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( lk->all[i].open ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7531:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iabuf[20], upbuf[20], uwbuf[20], asbuf[20], dsbuf[20],
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dszbuf[20], dsbbuf[20], dstbuf[21], sibuf[20], swbuf[20], sfntrbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7534:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ranges[40], codepages[40];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7535:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char woffmajorbuf[20], woffminorbuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[130];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7542:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char createtime[200], modtime[200];
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7678:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( vbuf,"%g", sf->cidversion );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7695:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sfntrbuf, "%g", sf->sfntRevision/65536.0 );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7851:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( uibuf, "%d", sf->uniqueid );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7885:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( asbuf, "%d", sf->ascent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7903:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dsbuf, "%d", sf->descent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7921:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( embuf, "%d", sf->descent+sf->ascent );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7954:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( iabuf, "%g", (double) sf->italicangle );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:7988:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( upbuf, "%g", (double) sf->upos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:8005:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( uwbuf, "%g", (double) sf->uwidth );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:8185:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( swbuf,"%g", (double) sf->strokewidth );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:9368:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ranges, "%08x.%08x.%08x.%08x",
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:9422:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( codepages, "%08x.%08x",
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:9858:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( woffmajorbuf, "%d", sf->woffMajor );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:9859:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( woffminorbuf, "%d", sf->woffMinor );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10022:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dszbuf, "%.1f", sf->design_size/10.0);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10062:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsbbuf, "%.1f", sf->design_range_bottom/10.0);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10081:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dstbuf, "%.1f", sf->design_range_top/10.0);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10100:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sibuf, "%d", sf->fontstyle_id);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10476:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if(!tm) strcpy(createtime, "error");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10495:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if(!tm) strcpy(modtime, "error");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10947:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
needswork[j][i].text = (unichar_t *) S_((char *) needswork[j][i].text);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:10959:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
needswork3[j].ci[i].enum_vals[k].text = (unichar_t *) S_((char *) needswork3[j].ci[i].enum_vals[k].text);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *RecentFiles[RECENT_MAX] = { NULL };
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *script_filenames[SCRIPT_MENU_MAX];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:523:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:547:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:644:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"CID");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:648:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"Var");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:650:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,"MM");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:700:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( newpath, ".sfd" );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *end, *ret;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1261:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", fv->b.sf->extrema_bound<=0 ?
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1821:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1826:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( strcmp((char *) scripts[i].text,txt)==0 )
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1886:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tagbuf[4];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3349:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[20], *end, *ret;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3353:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( def, "%d", magnify );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3648:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[256];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3659:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3842:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",cidmaster->supplement);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4801:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4852:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4863:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(temp,"w");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4878:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4882:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4908:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
old = fopen( temp,"r");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4928:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new = fopen( buffer,"w");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[33];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4981:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( temp,"r");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5171:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
for ( i=0; vwlist[i].ti.text==NULL || strcmp((char *) vwlist[i].ti.text, _("Bitmap _Magnification..."))!=0; ++i );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5184:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%d pixel bitmap"), bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5186:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%d@%d pixel bitmap"),
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5460:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mml,mmlist,sizeof(mmlist));
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5690:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( feat_sc->name,"uni%04X", uni );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5805:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unichar_t buf[60]; char cbuf[8];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5806:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_buf[8];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5835:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,"%04x",sc->unicodeenc);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5843:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,"%02x",index);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5845:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cbuf,"%04x",index);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:7298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:7417:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fv->b.selected,fvorig->b.selected,fv->b.map->enccount);
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:195:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Font to merge into %.20s"), fv->b.sf->fontname );
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80]; char buf2[30];
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:332:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80]; char buf2[30];
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:350:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Interpolating between %.20s and:"), fv->b.sf->fontname );
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:372:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf2, "%g", last_amount );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *yesno[3];
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:301:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", bc->width );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:303:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", fv->show->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:307:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", bb.minx );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:309:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", bc->width-bb.maxx-1 );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:311:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", (int) rint( (bc->width-bb.maxx-1 + bb.minx)/2 ));
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:319:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", sc->width );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:321:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", sc->vwidth );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:325:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.4g", (double) bb.minx );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:327:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.4g", sc->width-(double) bb.maxx );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:329:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.4g", rint( (sc->width-(double) bb.maxx + (double) bb.minx)/2 ) );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:339:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",wtype==wt_width?6*em/10:wtype==wt_vwidth?em: em/10 );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:346:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%d",wtype==wt_width?6*size/10:wtype==wt_vwidth?size: size/10 );
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/fontforge-20201107~dfsg/fontforgeexe/fvmetricsdlg.c:364:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:94:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !group->open )
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:119:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( group->open && group->kids ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:146:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ( group->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:164:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( group->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:245:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !group->open )
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:274:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
group->open = !group->open;
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:452:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
current->open = !current->open;
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:499:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !current->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:500:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
current->open = !current->open;
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:924:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:967:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04X-U+%04X ", start, last );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:969:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04X ", start );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:979:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04X-U+%04X ", start, last );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:981:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04X ", start );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1026:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40]; unichar_t ubuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1027:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer," color=#%06x", xcol );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1301:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
std_colors[kk].text = (unichar_t *) S_((char *) std_colors[kk].text);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:111:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h+low-(bottom-10+1),hist->hist,(high+1-low)*sizeof(struct hentry));
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:134:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h,hist->hist + hist->low-low,(hist->high-hist->low+1)*sizeof(struct hentry));
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:198:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h,hist->hist + hist->low-low,(hist->high-hist->low+1)*sizeof(struct hentry));
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:278:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:314:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pt,"...");
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:421:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:449:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",hist->hoff);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:451:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",hist->hoff+hist->hwidth/hist->barwidth);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:466:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",hist->h->max);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:481:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",hist->h->max);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char binsize[20], barwidth[20], *primary, *secondary;
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:854:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(binsize,"%d", hist.sum_around);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:872:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(barwidth,"%d", hist.barwidth);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:343:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
for ( j=0; (temp=(char *) (lookup_ci[0].enum_vals[j].text))!=NULL; ++j )
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:380:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ret,", ");
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:519:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char foo[8];
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:529:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char foo[4];
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:561:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(pt,", ");
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *space[1], **lefts, **rights, **others;
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:493:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", kcd->orig_kern);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:518:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nkern);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:549:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", kcd->orig_kern);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:572:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nkern);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:749:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unichar_t ubuf[20]; char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:754:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", kcd->active_adjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:835:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:836:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", kcd->orig_kern_offset );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:844:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->active_adjust.corrections,kcd->orig_adjust.corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:905:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:909:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", i+kcd->active_adjust.first_pixel_size);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:917:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", kcd->active_adjust.corrections[
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:976:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:990:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->active_adjust.corrections,kp->adjust->corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->orig_adjust.corrections,kp->adjust->corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1014:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", offset);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1098:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1125:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", kcd->offsets[kcd->st_pos]);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1134:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->active_adjust.corrections,kcd->adjusts[kcd->st_pos].corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1136:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->orig_adjust.corrections,kcd->adjusts[kcd->st_pos].corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1442:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char space[200];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1468:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space, _("First Class %d\n"), s );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1480:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space+len, _("Second Class %d\n"), c );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1518:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,_("{All}") );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1665:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", kcd->offsets[(i+kcd->offtop)*kcd->second_cnt+j+kcd->offleft] );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2065:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2167:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+i*(kcd->second_cnt+1),kcd->offsets+i*kcd->second_cnt,
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2178:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+i*(kcd->second_cnt+1),kcd->adjusts+i*kcd->second_cnt,
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2198:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+i*(kcd->second_cnt+1),kcd->offsets_flags+i*kcd->second_cnt,
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2526:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2588:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", kcd->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2786:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char titlebuf[300];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2788:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sepbuf[40], mkbuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2810:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->offsets,kc->offsets,kc->first_cnt*kc->second_cnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2812:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->adjusts,kc->adjusts,kc->first_cnt*kc->second_cnt*sizeof(DeviceTable));
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2817:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->adjusts[i].corrections,kc->adjusts[i].corrections,len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2836:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->firsts_flags,kc->firsts_flags,kc->first_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2840:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->seconds_flags,kc->seconds_flags,kc->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2844:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kcd->offsets_flags,kc->offsets_flags,kc->first_cnt*kc->second_cnt*sizeof(int));
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2936:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sepbuf, "%d", kc->subtable->separation );
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2960:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( mkbuf, "%d", kc->subtable->minkern );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:989:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
needswork[j][i].text = (unichar_t *) S_((char *) needswork[j][i].text);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1053:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tagstr[4], warnstr[8];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1084:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(warnstr,tagstr,4);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foo[4];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1475:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char foo[4];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1613:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf+bpos, "%c%c%c%c{", scripts[i]>>24, scripts[i]>>16, scripts[i]>>8, scripts[i] );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1616:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf+bpos, "%c%c%c%c,", langs[l]>>24, langs[l]>>16, langs[l]>>8, langs[l] );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1621:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf+bpos,"} ");
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1637:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char featbuf[32], *buf=NULL;
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1650:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( featbuf, "<%d,%d>", fl->featuretag>>16, fl->featuretag&0xffff );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1652:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( featbuf, "%c%c%c%c", fl->featuretag>>24, fl->featuretag>>16,
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1659:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf+bpos, "%c%c%c%c{", sl->script>>24, sl->script>>16,
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1664:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf+bpos, "%c%c%c%c,", tag>>24, tag>>16,
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1770:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:2405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:2532:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3434:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3460:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", pstkd->orig_value + diff);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3469:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", pstkd->orig_value + diff);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3531:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md,old,rows*cols*sizeof(struct matrix_data));
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3876:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psts+(j-1)*cols,psts+j*cols,
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4776:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[300];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4783:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sepbuf[40], mkbuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5024:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sepbuf, "%d", sub->separation );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5048:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( mkbuf, "%d", sub->minkern );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5671:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mkbuf[10];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5677:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mkbuf,"%d",15*(kf->sf->ascent+kf->sf->descent)/1000 );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5802:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sepbuf[40], mkbuf[40], distancebuf[40];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5921:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( distancebuf, "%g", (sf->ascent+sf->descent)/100. );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5952:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sepbuf, "%d", sub->separation );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5976:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( mkbuf, "%d", sub->minkern );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[5];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6228:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag[4];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6310:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag[4];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[8];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6389:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[8];
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6406:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ti[i].text = (unichar_t *) copy( (char *) scripts[j].text );
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:213:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
maclanguages[i].text = (unichar_t *) S_( (char *) maclanguages[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:260:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lang = (char *) maclanguages[j].text;
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:290:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d ", ms->setting);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:311:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:318:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d ", mf->feature);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:756:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d ", val1);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:832:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", changing->setting );
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1005:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1058:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d ", val1);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1133:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", changing->feature );
data/fontforge-20201107~dfsg/fontforgeexe/math.c:196:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tis[j][i].text = (unichar_t *) _((char *) tis[j][i].text);
data/fontforge-20201107~dfsg/fontforgeexe/math.c:272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80], *str;
data/fontforge-20201107~dfsg/fontforgeexe/math.c:278:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, ":%d:%d:%d:%d ", gv->parts[i].is_extender,
data/fontforge-20201107~dfsg/fontforgeexe/math.c:288:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, ":%d:%d:%d:%d ", gv->parts[i].is_extender,
data/fontforge-20201107~dfsg/fontforgeexe/math.c:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/math.c:370:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", *pos );
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:592:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "<%d,%d>", tags[i]>>16, tags[i]&0xffff );
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:748:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:763:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",mv->vertical ? sc->vwidth : sc->width);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:766:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.2f",mv->vertical ? sc->parent->ascent-(double) bb.maxy : (double) bb.minx);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:777:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.2f",(double) (mv->vertical ? sc->vwidth-(sc->parent->ascent-bb.miny) : sc->width-bb.maxx));
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:797:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",kern_offset);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:988:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf+4,"{dflt}");
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:1303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *yesno[3];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:1892:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mv->chars,scs,(len+1)*sizeof(SplineChar *));
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:2031:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400], *pt, *start;
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:2085:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GGadgetSetTitle8(mv->text,(char *) (words[0]->text));
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:2439:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:2856:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:3261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], dbuffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:3293:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", (int) rint( mv->ptsize/iscale ));
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:3310:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dbuffer, "%d", mv->dpi );
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:3973:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[60];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:4034:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%d pixel bitmap"), bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:4036:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%d@%d pixel bitmap"),
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:4255:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5098:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[8], lbuf[8];
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5112:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sname = (char *) (scripts[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5128:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lname = (char *) (languages[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5176:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mv_text_init[2].text = (unichar_t *) _((char *) mv_text_init[2].text);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *standard_cdvs[5] = {
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *cdv_4axis[3] = {
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *temp, dv[101];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:122:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dv+len, "%g ", (double) designs[j]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:201:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt,"%g ", (double) MMAxisUnmap(mm,i,axiscoords[i]));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:327:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur->data,tab->data,tab->len);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[24];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:391:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.4g", (double) mmcb->mm->named_instances[which].coords[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *axisnames[4], char axisval[4][24],
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:537:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *axisnames[4], char axisval[4][24],
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:541:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axisrange[80];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:544:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( axisrange, " [%.4g %.4g %.4g]", (double) mm->axismaps[i].min,
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:552:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(axisval[i],"%.4g", (double) defcoords[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MmMax*20], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:590:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axisval[4][24];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:591:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *axisnames[4];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:615:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%g ", (double) mm->defweights[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:941:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[120], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:956:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt, "%g ", (double) coords[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1006:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axisval[4][24];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1007:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *axisnames[4];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1341:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%g sub ", (double) positions[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1344:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+pos, "%g div dup 1 sub exch ", (double) (positions[i+1]-positions[i]));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1347:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+pos, "0 ");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1351:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+pos, "%d -2 roll ", i+2 );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1355:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer+pos, "0 ");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1374:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1402:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%g ", (double) axis->blends[i] );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1406:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%g sub ", (double) axis->designs[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1409:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+pos, "%g div ", (double) ((axis->designs[i+1]-axis->designs[i])/
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1413:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+pos, "%g add ", (double) axis->blends[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1475:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(into[i].blends,from[i].blends,into[i].points*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1477:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(into[i].designs,from[i].designs,into[i].points*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1505:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lines[4];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1565:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp+pos,"%g ", (double) mmw->old->defweights[i] );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1591:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp+pos,"%g ", (double) axiscoords[i] );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1599:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp+pos,"%g ", (double) weights[i] );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1618:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[120], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1629:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%.4g ", (double) mmw->old->named_instances[i].coords[j]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1728:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pt,"%g ",(double) mmw->mm->positions[i*4+j]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1891:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(setto->defweights,weights,setto->instance_count*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1896:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(setto->positions+i*setto->axis_count,dlgmm->positions+k*dlgmm->axis_count,
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1915:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1916:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g", (double) fbt );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1993:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *yesno[3];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2171:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], *pt = buffer;
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2173:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d ", (i&(1<<j))? 1: 0 );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2184:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmw->mm->positions,positions,sizeof(positions));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[20], buf2[20], buf3[20];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2327:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1,"%g", (double) mmw->old->axismaps[di].designs[0]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2328:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2,"%g", (double) mmw->old->axismaps[di].designs[mmw->old->axismaps[di].points-1]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2329:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf3,"%g", (double) mmw->old->axismaps[di].def);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->instances,orig->instances,orig->instance_count*sizeof(SplineFont *));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2476:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->positions+i*4,orig->positions+i*orig->axis_count,orig->axis_count*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2478:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->defweights,orig->defweights,orig->instance_count*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2483:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->axismaps[i].blends,orig->axismaps[i].blends,mm->axismaps[i].points*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2485:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mm->axismaps[i].designs,orig->axismaps[i].designs,mm->axismaps[i].points*sizeof(real));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2505:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axisbegins[4][20], axisends[4][20], axisdefs[4][20];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2506:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *normalized[4], *designs[4];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2742:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(axisbegins[i],"50");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2743:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(axisdefs[i],"400");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2744:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(axisends[i],"999");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2746:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(axisbegins[i],"%.4g", (double) mmw.mm->axismaps[i].designs[0]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2747:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(axisends[i],"%.4g", (double) mmw.mm->axismaps[i].designs[mmw.mm->axismaps[i].points-1]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2749:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(axisdefs[i],"%.4g", (double) mmw.mm->axismaps[i].def );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2751:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(axisdefs[i],"%g", (double) (mmw.mm->axismaps[i].designs[0]+
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2815:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2823:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g ",(double) mmw.mm->axismaps[i].designs[j]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2827:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%g ",(double) mmw.mm->axismaps[i].blends[j]);
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xval[40], yval[40], zval[40], dval[40], tval[40], dirval[40];
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:309:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
originx[i].text = (unichar_t *) _((char *) originx[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:311:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
originy[i].text = (unichar_t *) _((char *) originy[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:374:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xval, "%g", rint(pov->x));
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:410:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( yval, "%g", rint(pov->y));
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:429:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( zval, "%g", rint(pov->z));
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:448:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dval, "%g", rint(pov->d));
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:467:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tval, "%g", rint(pov->tilt*180/FF_PI));
data/fontforge-20201107~dfsg/fontforgeexe/nonlineartransui.c:499:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( dirval, "%g", rint(pov->direction*180/FF_PI));
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:177:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( *(char *) def_font_filters[i].name == '-' )
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( *(char *) user_font_filters[i].name == '-' )
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:328:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( *(char *) def_font_filters[i].name != '-' ) {
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:340:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ( *(char *) user_font_filters[i].name != '-' ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:148:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *script_filenames[SCRIPT_MENU_MAX];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:773:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:989:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1000:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "1021 %d %d", r1, r2 );
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1038:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1100];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1044:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( filename!=NULL && (p=fopen(filename,"r"))!=NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX+1];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1100], path[PATH_MAX];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1166:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( prefs!=NULL && (p=fopen(prefs,"r"))!=NULL ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1305:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (p=fopen(prefs,"w"))==NULL )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1423:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[60];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1429:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d,%2d %c%c%c%c",
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1494:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1525:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1549:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%3d,%2d %c%c%c%c",
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1566:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1612:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", temp->mac_feature_setting );
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2263:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", *((int *) pl->val));
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2280:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%g", *((float *) pl->val));
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2366:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%g", *((float *) pl->val) * RAD2DEG);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2607:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
preserve = fopen(buffer,"w");
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2745:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2839:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", *((int *) pl->val));
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2856:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%g", *((float *) pl->val));
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:2942:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%g", *((float *) pl->val) * RAD2DEG);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100]; const char *newname;
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:481:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:623:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Found %1$.4g, expected %2$.4g"), (double) found, (double) expected );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:758:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *hmsgs[5] = {
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:765:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *vmsgs[5] = {
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:772:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *imsgs[5] = {
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2561:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2732:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3072:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xnbuf[20], ynbuf[20], widthbuf[20], nearbuf[20], awidthbuf[20],
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3142:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xnbuf,"%g",xval);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3172:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ynbuf,"%g",yval);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3250:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( irrel, "%g", irrelevantfactor*100 );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3386:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pmax, "%d", pointsmax );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3481:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rmax, "%d", refdepthmax );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3572:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(widthbuf,"%g",widthval);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3635:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hmax, "%d", hintsmax );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3760:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yymaxbuf,"%g", bbymax_val!=0 ? bbymax_val : sf->ascent);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3784:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yyminbuf,"%g", bbymin_val!=0 ? bbymin_val : -sf->descent);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3807:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xxmaxbuf,"%g", bbxmax_val!=0 ? bbxmax_val : (double) (sf->ascent+sf->descent));
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3830:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xxminbuf,"%g",bbxmin_val);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3856:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(awidthbuf,"%g",advancewidthval);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:3881:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(vawidthbuf,"%g",vadvancewidthval);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4094:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nearbuf,"%g",near);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4290:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ret+len,_("Bad Private Dictionary"));
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5076:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vw_popuplist[i].ti.text = (unichar_t *) _( (char *)vw_popuplist[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5080:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vw_subfixup[i].ti.text = (unichar_t *) S_( (char *)vw_subfixup[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5084:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vw_subselect[i].ti.text = (unichar_t *) S_( (char *)vw_subselect[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:5386:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Validation of %.100s"), sf->fontname );
data/fontforge-20201107~dfsg/fontforgeexe/pythonui.c:347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( md, ui, sizeof(PyMethodDef));
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:996:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1088:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", def_res );
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025], buf2[200];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1189:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(buffer,"r"))==NULL )
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[200];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1212:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1234:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%.40s-%.40s-%d.sfd", sf->cidregistry,sf->ordering,supl);
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[11];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1340:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1497:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rsb[3];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1621:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rcb[3];
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1952:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d", bdf->pixelsize );
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1954:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( pt, "%d@%d", bdf->pixelsize, BDFDepth(bdf) );
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:2054:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
formattypes[i].text = (unichar_t *) _((char *) formattypes[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:2056:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bitmaptypes[i].text = (unichar_t *) _((char *) bitmaptypes[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_factor[40], c_add[40], sb_factor[40], sb_add[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:203:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( c_factor, "%g", last_ci.c_factor );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:221:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( c_add, "%g", last_ci.c_add );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:240:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sb_factor, "%g", last_ci.sb_factor );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:258:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sb_add, "%g", last_ci.sb_add );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tagbuf[5], offset[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:442:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( offset, "%g", rint( ed->small->xheight*ss_percent_xh_up[index]/100.0 ));
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:498:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:872:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char glyph_factor[40], stem_factor[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:894:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( glyph_factor, "%.2f", (double) (100*glyph_scale) );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:895:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stem_factor , "%.2f", (double) (100* stem_scale) );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:947:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char glyph_factor[40], stem_factor[40], stem_threshold[10];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:963:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
stemwidth[i].text = (unichar_t *) _((char *) stemwidth[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:965:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
stemheight[i].text = (unichar_t *) _((char *) stemheight[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:1215:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( glyph_factor, "%.2f", (double) (100*glyph_scale) );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:1216:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stem_factor , "%.2f", (double) (100* stem_scale) );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:1249:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(stem_threshold,"%.0f",GuessStemThreshold(sf));
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:1915:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char topzone[40], botzone[40], emb_width[40], tophint[40], bothint[40], serifh[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:1952:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( emb_width, "%d", sf==lastsf ? last_width : (sf->ascent+sf->descent)/20 );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2035:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tophint, "%d", lastsf==sf && last_type==embolden_custom ? last_zones.top_bound :
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2057:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( topzone, "%d", lastsf==sf && last_type==embolden_custom ? last_zones.top_zone :
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2080:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( bothint, "%d", lastsf==sf && last_type==embolden_custom ? last_zones.bottom_bound :
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2101:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( botzone, "%d", lastsf==sf && last_type==embolden_custom ? last_zones.bottom_zone :
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2124:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( serifh, "%g", SFSerifHeight(sf));
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char def[40], *ret, *end;
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2302:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( def, "%g", last_ii.italic_angle );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lsb[3][40], stems[3][40], counters[3][40], rsb[3][40], ia[40], xp[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2717:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( lsb[i], "%g", 100.0* hs->lsb_percent );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2727:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( stems[i], "%g", 100.0* hs->stem_percent );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2737:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( counters[i], "%g", 100.0* hs->counter_percent );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2747:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( rsb[i], "%g", 100.0* hs->rsb_percent );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2776:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xp, "%g", rint(last_ii.xheight_percent*100) );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2794:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ia, "%g", last_ii.italic_angle );
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xh_c[40], xh_d[40], sh[40];
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2957:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xh_c, "%g", rint( xi.xheight_current ));
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2974:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xh_d, "%g", rint( xi.xheight_current ));
data/fontforge-20201107~dfsg/fontforgeexe/scstylesui.c:2991:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( sh, "%g", rint( xi.xheight_desired ));
data/fontforge-20201107~dfsg/fontforgeexe/searchview.c:463:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[150];
data/fontforge-20201107~dfsg/fontforgeexe/searchview.c:464:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ubuf,_("Find in %.100s"),sv->sd.fv->sf->fontname);
data/fontforge-20201107~dfsg/fontforgeexe/searchview.c:505:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/fontforgeexe/searchview.c:649:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fudgebuf[20];
data/fontforge-20201107~dfsg/fontforgeexe/searchview.c:750:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fudgebuf,"%g",old_fudge);
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:741:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(cret,"w");
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:790:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(basename,".bmp");
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:792:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(basename,".png");
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:931:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sftf_popuplist[i].ti.text = (unichar_t *) _( (char *) sftf_popuplist[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1357:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,st->li.text,endpos*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1358:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos,st->li.text+st->sel_start,
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1363:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+st->sel_start,temp+st->sel_end,
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1365:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos-(st->sel_end-st->sel_start),
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1370:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos,st->li.text+st->sel_start,
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:1372:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos+st->sel_end-st->sel_start,st->li.text+endpos,
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:119:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = atoi(p);
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:196:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[2000];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:54:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unsigned int open: 1;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[90];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:146:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Component %d %.30s (%d,%d)"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:175:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%.30s (%d,%d)", ac->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:217:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("Mark Class %.20s"),ac->name);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:230:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,_("%.30s (%d,%d)"), marks[i]->name,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:345:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:356:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", kc->offsets[index*kc->second_cnt+i]);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:424:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *pt, *start, *spt;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:437:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, _("Backtrack Match: ") );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:453:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, _("Match: ") );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:462:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, _("Lookahead Match: ") );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:478:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", r->u.class.bclasses[j] );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:493:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", r->u.class.nclasses[j] );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:508:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d ", r->u.class.fclasses[j] );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:523:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Back coverage %d: "), -j-1);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:533:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Coverage %d: "), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:543:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Lookahead coverage %d: "), j+r->u.coverage.ncnt);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:559:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Apply at %d %.80s"), r->lookups[j].seq,
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:571:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, _("Replacement: ") );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:618:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Backtrack class %d: "), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:628:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Class %d: "), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:638:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Lookahead class %d: "), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:649:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Rule %d"), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *space;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:706:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Class %d: "), j);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:719:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(space, _("State %4d Next: "), j );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:721:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space+strlen(space), "%5d", sm->state[j*sm->class_cnt+k].next_state );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:728:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(space, _("State %4d Flags:"), j );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:730:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space+strlen(space), " %04x", sm->state[j*sm->class_cnt+k].flags );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:738:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(space, _("State %4d Mark: "), j );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:741:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(space," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:743:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space+strlen(space), " %.80s", sm->state[j*sm->class_cnt+k].u.context.mark_lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:750:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(space, _("State %4d Cur: "), j );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:753:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(space," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:755:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( space+strlen(space), " %.80s", sm->state[j*sm->class_cnt+k].u.context.cur_lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:765:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, _("Nested Substitution %.80s"), used[j]->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:790:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:799:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.80s ", pst->u.pair.paired );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:810:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆x¹=%d", pst->u.pair.vr[0].xoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:812:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆y¹=%d", pst->u.pair.vr[0].yoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:814:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆x_adv¹=%d", pst->u.pair.vr[0].h_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:816:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆y_adv¹=%d", pst->u.pair.vr[0].v_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:818:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆x²=%d", pst->u.pair.vr[1].xoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:820:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆y²=%d", pst->u.pair.vr[1].yoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:822:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆x_adv²=%d", pst->u.pair.vr[1].h_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:824:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), " ∆y_adv²=%d", pst->u.pair.vr[1].v_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:836:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.80s ∆y_adv¹=%d", kp->sc->name, kp->off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:838:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.80s ∆x_adv²=%d", kp->sc->name, kp->off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:840:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.80s ∆x_adv¹=%d", kp->sc->name, kp->off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1143:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strcpy(buf+7,S_((char *) languages[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1147:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,_("Language"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[120];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1204:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, _("Priority: %d"), i );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1290:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strcpy(buf+7,S_((char *) languages[j].text));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1294:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf,_("Language"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1316:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp,": ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1326:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1343:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d", pst->u.lcaret.carets[j] );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1522:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("%c%c%c%c Min Extent=%d, Max Extent=%d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1550:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Script '%c%c%c%c' on %c%c%c%c "),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1555:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+strlen(buffer), " %c%c%c%c: %d ",
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1560:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Script '%c%c%c%c' "),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1576:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1595:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Offsets from def. baseline: romn: %d idcn: %d ideo: %d hang: %d math: %d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1627:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1657:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+strlen(buffer), _(" Left Bound=%d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1660:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer+strlen(buffer), _(" Right Bound=%d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1683:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1730:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,_(" Floating accent"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1732:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,_(" Hang left"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1734:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,_(" Hang right"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1736:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer,_(" Attach right"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1744:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), _(" Mirror=%.30s"), sf->glyphs[k]->name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1750:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer+strlen(buffer), _(" Mirror=%.30s"), sf->glyphs[k]->name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1852:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[120];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[120];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1944:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2140:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( node->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2171:43: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ( node->children==NULL || !node->open )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2181:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( node->open && node->children && node->children[0].label ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2203:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ( node->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2266:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !node->open )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2346:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(cret,"w");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2370:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ( node->open )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2497:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
att_popuplist[0].ti.text = (unichar_t *) _( (char *)att_popuplist[0].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2518:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
node->open = !node->open;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2641:38: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
att->current->open = !att->current->open;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2674:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !att->current->open ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2675:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
att->current->open = !att->current->open;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2979:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( buffer, _("Font Compare"));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:3115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:3135:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, _("Font to compare with %.20s"), fv->b.sf->fontname );
data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12], buffer2[12], buffer3[12], buffer4[12];
data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c:175:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%.3g", olderr_rat*sim.em_size );
data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c:272:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer2, "%.3g", oldsmooth_tan );
data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c:337:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer3, "%.3g", oldlinefixup_rat*sim.em_size );
data/fontforge-20201107~dfsg/fontforgeexe/simplifydlg.c:377:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer4, "%.3g", oldlinelenmax_rat*sim.em_size );
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2048];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:578:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:580:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfile = fopen("/tmp/LogFile.txt","w");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:722:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(full,": ");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:738:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
old = fopen(buffer,"r");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:801:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *temp = fopen(argv[i],"r");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:802:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:845:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[buffersz+1];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:865:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[4];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH], *ext;
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1010:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[8];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char env[32];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1013:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(env, "LC_ALL=");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1038:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1088:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1203:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[MAX_PATH];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1374:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy(fname,buffer); strcat(fname,"/glyphs/contents.plist");
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1381:29: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy(fname,buffer); strcat(fname,"/font.props");
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:112:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *indicverbs[2][16] = {
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:148:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new+i*new_class_cnt, old+i*old_class_cnt, minclass*sizeof(struct asm_state));
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:160:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,this->u.kern.kerns,this->u.kern.kcnt*sizeof(int16));
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:269:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100], *temp;
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:279:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d", this->next_state );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:308:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf+strlen(buf), "%d ", this->u.kern.kerns[j]);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:379:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->u.kern.kerns,kbuf,kerns*sizeof(int16));
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stateclass[100];
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:584:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
indicverbs_list[i].text = (unichar_t *) _((char *) indicverbs_list[i].text );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:865:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:888:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "State %d\n", s );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:892:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "Class %d\n", c );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:927:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[101];
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:962:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", i+smd->offleft );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:983:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", this->next_state );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1017:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf+strlen(buf),"%d ", this->u.kern.kerns[j]);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1039:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if ( kddd ) strcpy(buf,"...");
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1305:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *titles[2][4] = {
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1321:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *specialclasses[4] = { N_("{End of Text}"),
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1541:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1554:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g",ss->first->me.x);
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1560:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g",ss->first->me.y);
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char width[30], height[30], xr[30], yr[30];
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1803:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( width, "%d", sf->ascent+sf->descent );
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1805:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( width, "%g", patternSize.x );
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1823:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( height, "%d", sf->ascent+sf->descent );
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1825:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( height, "%g", patternSize.y );
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1854:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( xr, "%d", patternRepeat.x );
data/fontforge-20201107~dfsg/fontforgeexe/tilepath.c:1870:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( yr, "%d", patternRepeat.y );
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:241:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(transform,t,sizeof(t));
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:288:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24]; unichar_t ubuf[24];
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:296:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.1f", (double) xoff );
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:299:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.1f", (double) yoff );
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:303:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%.0f", atan2(yoff,xoff)*180/FF_PI );
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:595:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
transformtypes[i].text = (unichar_t *) _((char *) transformtypes[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/transform.c:597:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
origin[i].text = (unichar_t *) _((char *) origin[i].text);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:54:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *instrhelppopup[256];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:291:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->ttf_instrs,id->instrs,id->instr_cnt );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:323:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tab->data,id->instrs,id->instr_cnt );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc[8], ins[8], val[8]; unichar_t uins[8], uname[30];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:398:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( loc, "%d", i );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:400:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ins, " %02x%02x", ii->instrdata->instrs[i], ii->instrdata->instrs[i+1]); uc_strcpy(uins,ins);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:401:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( val, " %d", (short) ((ii->instrdata->instrs[i]<<8) | ii->instrdata->instrs[i+1]) );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:405:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ins, " %02x", ii->instrdata->instrs[i] ); uc_strcpy(uins,ins);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:406:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( val, " %d", ii->instrdata->instrs[i]);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:418:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( ins, "%02x", instr ); uc_strcpy(uins,ins);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:858:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:907:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id->instrs,sc->ttf_instrs,id->instr_cnt);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:908:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(title,_("TrueType Instructions for %.50s"),sc->name);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1045:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[12];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1049:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", (int) (sv->len/2) );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cval[8], caddr[8];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1207:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( caddr, "%d", index );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1211:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cval, "%d", sv->edits[index] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1291:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1302:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", sv->edits[sv->active] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1371:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[60];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12], *npt;
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1570:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *buts[3];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[60];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1714:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[6][20];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1767:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[0], "%d", (data[14]<<8)|data[14+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1788:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[1], "%d", (data[16]<<8)|data[16+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1809:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[2], "%d", (data[18]<<8)|data[18+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1830:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[3], "%d", (data[24]<<8)|data[24+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1851:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[4], "%d", (data[20]<<8)|data[20+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1871:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer[5], "%d", (data[22]<<8)|data[22+1] );
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1934:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100];
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1961:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id->instrs,tab->data,id->instr_cnt);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1967:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(title,_("TrueType Instructions for %.50s"),name);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40], *pt;
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *errlines[MAX_ERR_LINES];
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2500], nbuffer[2600], *str, *pt, *npt;
data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c:85:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sub,mi->sub,precnt*sizeof(struct gmenuitem));
data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c:93:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sub[i].ti.text = utf82u_mncopy((char *) sub[i].ti.text,&sub[i].ti.mnemonic);
data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c:96:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sub[i].ti.text = utf82u_copy((char *) sub[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c:299:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mb[i].ti.text = (unichar_t *) S_((char *) mb[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/windowmenu.c:333:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mb[i].ti.text = (unichar_t *) S_((char *) mb[i].ti.text);
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char u8buf[1001];
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:69:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ret[ 1024 ];
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:174:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(glyphname,"backslash");
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX];
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:728:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GGadgetSetTitle8(g,(char *) (words[0]->text));
data/fontforge-20201107~dfsg/gdraw/ctlvalues.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:685:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ocb[3];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ocb[3];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ob[2];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:818:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ob[2];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:838:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static GWindow ChoiceDlgCreate8(struct dlg_info *d,const char *title,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:839:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *question, va_list ap,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:840:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char **choices, int cnt, const char *multisel,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:840:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char **choices, int cnt, const char *multisel,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:841:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[2], int def,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:853:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[600];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:910:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
w = GDrawGetText8Width(gw,(char *) llabels[i].text,-1);
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1071:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[3];
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1099:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesB8(char *title, const char **choices, int cnt, int def,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1099:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesB8(char *title, const char **choices, int cnt, int def,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[2], const char *question,...) {
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1120:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices,char *sel,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1120:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices,char *sel,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1120:63: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices,char *sel,
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1121:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int cnt, char *buts[2], const char *question,...) {
data/fontforge-20201107~dfsg/gdraw/gaskdlg.c:1128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buttons[3];
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:600:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"U+0x%04x", ch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:602:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d", resch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:606:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d,%d", highch, ch&0xff );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:608:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d,%d", (resch>>8)-0x20, (resch&0xff)-0x20 );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:733:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20]; unichar_t ubuf[20];
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:737:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Page: 0x%02X", inschr.page );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:739:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "Page: %d", inschr.page );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20]; unichar_t ubuffer[20];
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:836:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "U+%04lx", InsChrToUni(ch) );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:840:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d", ch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:842:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d,%d", ((ch>>8)&0xff), (ch&0xff) );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:844:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer, "%d,%d", ((ch>>8)&0xff)-0x21, (ch&0xff)-0x21 );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cspace[100];
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:874:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cspace, " U+%04X", uch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:876:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cspace, " 0x%05X", uch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:878:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cspace, " 0x%06X", uch );
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:883:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Control Char U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:885:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension A U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:887:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:889:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Hangul Syllable U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:891:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Non Private Use High Surrogate U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:893:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Private Use High Surrogate U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:895:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Low Surrogate U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:897:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Private Use U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:899:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension B 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:901:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension C 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:903:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension D 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:905:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension E 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:907:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "CJK Ideograph Extension F 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:909:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Supplementary Private Use Area-A 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:911:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Supplementary Private Use Area-B 0x%06X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:914:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Unencoded Unicode U+%04X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:916:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Unencoded Unicode 0x%05X ", uch);
data/fontforge-20201107~dfsg/gdraw/gchardlg.c:918:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cspace, "Unencoded Unicode 0x%06X ", uch);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:226:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[50];
data/fontforge-20201107~dfsg/gdraw/gcolor.c:263:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%.2f", *offs[i]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:268:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%3.0f", *offs[0]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:271:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%.2f", *offs[i]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[50];
data/fontforge-20201107~dfsg/gdraw/gcolor.c:288:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%3.0f", *offs[0]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:291:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( text, "%.2f", *offs[i]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:545:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char values[7][40];
data/fontforge-20201107~dfsg/gdraw/gcolor.c:649:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( values[0], "%3.0f", *offs[0]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:651:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( values[i], "%.2f", *offs[i]);
data/fontforge-20201107~dfsg/gdraw/gcolor.c:752:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&users[i],&usercols[i],sizeof(struct hslrgb));
data/fontforge-20201107~dfsg/gdraw/gcolor.c:760:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&def,defcol,sizeof(*defcol));
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1025]; unichar_t ubuf[1025];
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,"Internal Error:\n");
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:219:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1025]; unichar_t ubuf[1025];
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1025]; unichar_t ubuf[1025];
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:238:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf,"Fatal Error:\n");
data/fontforge-20201107~dfsg/gdraw/gdrawwacomdriver.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prop_data[4];
data/fontforge-20201107~dfsg/gdraw/gdrawwacomdriver.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/fontforge-20201107~dfsg/gdraw/gdrawwacomdriver.c:157:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gdisp->wacom_fd = open("/dev/input/event0",O_RDONLY);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_ent_name[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mime[100];
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_ent_name[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:969:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
gfcpopupmenu[i].ti.text = (unichar_t *) _( (char *) gfcpopupmenu[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1028:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[2];
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1115:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
gfcbookmarkmenu[i].ti.text = (unichar_t *) S_( (char *) gfcbookmarkmenu[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1129:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mi[mcnt].ti.text = (unichar_t *) copy( (char *) mi[mcnt].ti.text);
data/fontforge-20201107~dfsg/gdraw/ggdkcdraw.c:77:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char grey_init[8] = {0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa};
data/fontforge-20201107~dfsg/gdraw/ggdkcdraw.c:78:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char fence_init[8] = {0x55, 0x22, 0x55, 0x88, 0x55, 0x22, 0x55, 0x88};
data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c:1306:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + stride * j, data + actual * j, actual);
data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c:1928:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, sd->data, sz);
data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c:1970:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, data, rlen);
data/fontforge-20201107~dfsg/gdraw/ggdkdrawlogger.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:300:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:676:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20], *str= NULL;
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:683:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%d",(int) d->u.md_ival );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:687:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"0x%x",(int) d->u.md_ival );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:691:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"U+%04X",(int) d->u.md_ival );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:695:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%p", d->u.md_addr );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:699:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buffer,"%g",d->u.md_real );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1081:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gme->data+(r-1)*gme->cols,gme->data+r*gme->cols,
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1350:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strcmp((char *) mi[i].ti.userdata,val)==0;
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1504:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GGadgetPreparePopup8(gme->nested,(char *) enums[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1523:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
GGadgetPreparePopup8(gme->nested,(char *) enums[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:1951:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mi[cnt].ti.text = (unichar_t *) copy( (char *) mi[cnt].ti.text );
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:2008:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gme->data,matrix->matrix_data,gme->rows*gme->cols*sizeof(struct matrix_data));
data/fontforge-20201107~dfsg/gdraw/gmatrixedit.c:2152:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gme->data,data,rows*gme->cols*sizeof(struct matrix_data));
data/fontforge-20201107~dfsg/gdraw/gmenu.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subMenuName[100];
data/fontforge-20201107~dfsg/gdraw/gmenu.c:193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/fontforge-20201107~dfsg/gdraw/gmenu.c:197:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "Flag0x%02x", 1 << i);
data/fontforge-20201107~dfsg/gdraw/gmenu.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/fontforge-20201107~dfsg/gdraw/gmenu.c:387:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[PATH_MAX];
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1033:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ret[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1072:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/gresedit.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bw[20], padding[20], rr[20];
data/fontforge-20201107~dfsg/gdraw/gresedit.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/gdraw/gresedit.c:174:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", val );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:272:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/fontforge-20201107~dfsg/gdraw/gresedit.c:273:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( buf, "%d", val );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:706:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output = fopen( filename,"w" );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:1875:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tofree[i].bw, "%d", res->boxdata->border_width );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:1914:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tofree[i].padding, "%d", res->boxdata->padding );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:1955:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tofree[i].rr, "%d", res->boxdata->rr_radius );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2114:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tofree[i].extradefs[l], "%d", extras->orig.ival );
data/fontforge-20201107~dfsg/gdraw/gresedit.c:2141:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tofree[i].extradefs[l], "%g", extras->orig.dval );
data/fontforge-20201107~dfsg/gdraw/gresource.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1025], *pt;
data/fontforge-20201107~dfsg/gdraw/gresource.c:270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/fontforge-20201107~dfsg/gdraw/gresource.c:272:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename,"r");
data/fontforge-20201107~dfsg/gdraw/growcol.c:91:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ti,grc->ti+(i*grc->cols),grc->cols*sizeof(GTextInfo *));
data/fontforge-20201107~dfsg/gdraw/growcol.c:92:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grc->ti+(i*grc->cols),grc->ti+((grc->rows-1-i)*grc->cols),grc->cols*sizeof(GTextInfo *));
data/fontforge-20201107~dfsg/gdraw/growcol.c:93:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grc->ti+((grc->rows-1-i)*grc->cols),ti,grc->cols*sizeof(GTextInfo *));
data/fontforge-20201107~dfsg/gdraw/gsavefiledlg.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rcb[3];
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:828:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( filename,"r" );
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:879:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:949:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(cret,"w");
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1084:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1092:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%g", d);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1625:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,gt->text,endpos*sizeof(unichar_t));
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1626:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos,gt->text+gt->sel_start,
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1631:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+gt->sel_start,temp+gt->sel_end,
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1633:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos-(gt->sel_end-gt->sel_start),
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1638:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos,gt->text+gt->sel_start,
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:1640:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp+endpos+gt->sel_end-gt->sel_start,gt->text+endpos,
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:3056:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret2[c2],ret[i],len*sizeof(unichar_t));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:773:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
arr[i].ti.text = utf82u_mncopy((char *) mi[i].ti.text,&arr[i].ti.mnemonic);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:777:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
arr[i].ti.text = utf82u_copy((char *) mi[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:1104:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
arr[i].ti.text = utf82u_mncopy((char *) mi[i].ti.text,&arr[i].ti.mnemonic);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:1108:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
arr[i].ti.text = utf82u_copy((char *) mi[i].ti.text);
data/fontforge-20201107~dfsg/gdraw/gxcdraw.c:109:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char grey_init[8] = { 0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa };
data/fontforge-20201107~dfsg/gdraw/gxcdraw.c:110:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char fence_init[8] = { 0x55, 0x22, 0x55, 0x88, 0x55, 0x22, 0x55, 0x88};
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], *majorcode;
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:1680:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dashes[2];
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_map_stat[32];
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charbuf[80], *pt;
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3849:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,sd->data,bytelen);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3880:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,prop,bytelen);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:4221:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char grey_init[8] = { 0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa, 0x55, 0xaa };
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:4222:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char fence_init[8] = { 0x55, 0x22, 0x55, 0x88, 0x55, 0x22, 0x55, 0x88};
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[HOTKEY_ACTION_MAX_SIZE+1];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1100];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:227:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen(filename,"r");
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localefn[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:312:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen(fn,"w");
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_MAX+1];
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:412:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_MAX+1];
data/fontforge-20201107~dfsg/gutils/fsys.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dirname_[MAXPATHLEN+1];
data/fontforge-20201107~dfsg/gutils/fsys.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/fontforge-20201107~dfsg/gutils/fsys.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/gutils/fsys.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025], *pt;
data/fontforge-20201107~dfsg/gutils/fsys.c:409:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
return tmpfile();
data/fontforge-20201107~dfsg/gutils/fsys.c:411:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t temp_path[MAX_PATH + 1];
data/fontforge-20201107~dfsg/gutils/fsys.c:507:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[2000];
data/fontforge-20201107~dfsg/gutils/fsys.c:754:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:760:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:772:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024], *pt;
data/fontforge-20201107~dfsg/gutils/fsys.c:784:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:790:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:796:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:802:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/gutils/fsys.c:813:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH+4];
data/fontforge-20201107~dfsg/gutils/fsys.c:853:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sharedir+(pt-program_dir),"/share/fontforge");
data/fontforge-20201107~dfsg/gutils/fsys.c:869:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sharedir,"/../locale");
data/fontforge-20201107~dfsg/gutils/fsys.c:885:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sharedir,"/pixmaps");
data/fontforge-20201107~dfsg/gutils/fsys.c:1030:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(name,"rb"))!=NULL ) {
data/fontforge-20201107~dfsg/gutils/fsys.c:1053:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp = fopen( filepath, "wb" )) != NULL ) {
data/fontforge-20201107~dfsg/gutils/g_giomime.c:135:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(path,"rb"))!=NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:385:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data+l*base->bytes_per_line,bmp.int32_pixels+i*bmp.width,bmp.width*sizeof(uint32));
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:396:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data+l*base->bytes_per_line,bmp.byte_pixels+i*bmp.width,bmp.width);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:407:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data+l*base->bytes_per_line,bmp.byte_pixels+i*base->bytes_per_line,base->bytes_per_line);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:414:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->u.image->clut->clut,bmp.clut,bmp.colorsused*sizeof(Color));
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:422:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->u.image->clut->clut,bmp.clut,bmp.colorsused*sizeof(Color));
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:441:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(filename,"rb"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadgif.c:93:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data,si->RasterBits,base->width*base->height);
data/fontforge-20201107~dfsg/gutils/gimagereadjpeg.c:143:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infile = fopen(filename, "rb")) == NULL) {
data/fontforge-20201107~dfsg/gutils/gimagereadpng.c:76:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf->buffer+buf->read, sz);
data/fontforge-20201107~dfsg/gutils/gimagereadpng.c:223:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:259:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(filename,"rb"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:279:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char clutb[3*256]; int i,n;
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[4]; /* Ignored */
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imagename[80]; /* Image name (0..79chars + '\0') */
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[404]; /* Ignored (total=512bytes) */
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:196:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(filename,"rb"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:236:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(base->data + (header.height-1-i)*base->bytes_per_line,ptrtab[i],header.width);
data/fontforge-20201107~dfsg/gutils/gimagereadxbm.c:52:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(filename,"r"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:286:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[80];
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:293:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fp=fopen(filename,"r"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:331:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret->u.image->clut->clut,clut,cols*sizeof(Color));
data/fontforge-20201107~dfsg/gutils/gimagewritebmp.c:148:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file=fopen(filename,"wb"))==NULL )
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stem[256];
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:114:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(filename,"w"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagewritejpeg.c:178:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfile = fopen(filename, "wb")) == NULL) {
data/fontforge-20201107~dfsg/gutils/gimagewritepng.c:213:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, arr->data, arr->len);
data/fontforge-20201107~dfsg/gutils/gimagewritepng.c:227:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/fontforge-20201107~dfsg/gutils/gimagewritexbm.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stem[256];
data/fontforge-20201107~dfsg/gutils/gimagewritexbm.c:55:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(filename,"w"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c:34:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char one[2], two[3];
data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stem[256];
data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c:81:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (file=fopen(filename,"w"))==NULL ) {
data/fontforge-20201107~dfsg/gutils/giofile.c:160:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ept,"cygdrive");
data/fontforge-20201107~dfsg/gutils/gutils.c:36:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char author[200] = {0};
data/fontforge-20201107~dfsg/gutils/gutils.c:55:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
now = atol(source_date_epoch);
data/fontforge-20201107~dfsg/gutils/gutils.c:66:13: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
st_time = atol(getenv("SOURCE_DATE_EPOCH"));
data/fontforge-20201107~dfsg/gutils/unicodelibinfo.c:418:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,uniNamesList_names2anC((int)(n)),l);
data/fontforge-20201107~dfsg/inc/gwidget.h:129:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesB8(char *title, const char **choices, int cnt, int def,
data/fontforge-20201107~dfsg/inc/gwidget.h:129:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesB8(char *title, const char **choices, int cnt, int def,
data/fontforge-20201107~dfsg/inc/gwidget.h:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buts[2], const char *question,...);
data/fontforge-20201107~dfsg/inc/gwidget.h:131:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/inc/gwidget.h:131:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/inc/gwidget.h:131:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int GWidgetChoicesBM8(const char *title, const char **choices, char *sel,
data/fontforge-20201107~dfsg/inc/gwidget.h:132:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int cnt, char *buts[2], const char *question,...);
data/fontforge-20201107~dfsg/inc/gwidget.h:134:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern struct hslrgb GWidgetColor(const char *title,struct hslrgb *defcol,struct hslrgb fontcols[6]);
data/fontforge-20201107~dfsg/inc/gwidget.h:135:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern struct hslrgba GWidgetColorA(const char *title,struct hslrgba *defcol,struct hslrgba fontcols[6]);
data/fontforge-20201107~dfsg/inc/hotkeys.h:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char action[HOTKEY_ACTION_MAX_SIZE+1];
data/fontforge-20201107~dfsg/inc/hotkeys.h:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[HOTKEY_TEXT_MAX_SIZE+1];
data/fontforge-20201107~dfsg/po/toengb.c:100:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linebuffers[LINE_MAX][200];
data/fontforge-20201107~dfsg/po/toengb.c:135:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen("FontForge.pot", "r");
data/fontforge-20201107~dfsg/po/toengb.c:140:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output = fopen("en_GB.po", "w");
data/fontforge-20201107~dfsg/tests/randomtest.c:115:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
foo = fopen(item->name,"rb");
data/fontforge-20201107~dfsg/tests/randomtest.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1025];
data/fontforge-20201107~dfsg/tests/randomtest.c:230:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8096];
data/fontforge-20201107~dfsg/tests/randomtest.c:235:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
good = fopen(item->name,"r");
data/fontforge-20201107~dfsg/tests/randomtest.c:240:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new = fopen(newfont,"w+");
data/fontforge-20201107~dfsg/tests/randomtest.c:375:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/fontforge-20201107~dfsg/Unicode/dump.c:139:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=199) {
data/fontforge-20201107~dfsg/Unicode/dump.c:362:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/dump.c:426:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/dump.c:564:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/dump.c:697:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/dump.c:814:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/dump.c:1030:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=399) {
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:369:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpt += strlen(bpt);
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:407:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(names[i].name)>7?"":"\t", names[i].mask );
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:462:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(in))!=EOF && ch!='\n' )
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:521:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(pt,names2[i].name,strlen(names2[i].name))==0 )
data/fontforge-20201107~dfsg/Unicode/makebuildtables.c:527:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(names2[i].name);
data/fontforge-20201107~dfsg/Unicode/makeutype.c:228:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isisolated = strncmp(apt,"<isolated>",strlen("<isolated>"))==0;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:229:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iscircled = strncmp(apt,"<circle>",strlen("<circle>"))==0;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:319:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start += strlen("CAPITAL LETTER");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:322:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start += strlen("SMALL LETTER");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:513:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=299) { /* previous version was linelength of 300 chars, jul2012 */
data/fontforge-20201107~dfsg/Unicode/makeutype.c:538:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf2,pt,pt1-pt); buf2[pt1-pt] = '\0'; pt = pt1;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:577:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(pt,"<initial>",strlen("<initial>"))==0 )
data/fontforge-20201107~dfsg/Unicode/makeutype.c:579:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,"<final>",strlen("<final>"))==0 )
data/fontforge-20201107~dfsg/Unicode/makeutype.c:581:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,"<medial>",strlen("<medial>"))==0 )
data/fontforge-20201107~dfsg/Unicode/makeutype.c:583:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,"<isolated>",strlen("<isolated>"))==0 )
data/fontforge-20201107~dfsg/Unicode/makeutype.c:604:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(oldname,pt,pt1-pt); oldname[pt1-pt] = '\0';
data/fontforge-20201107~dfsg/Unicode/makeutype.c:650:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf2, " ");
data/fontforge-20201107~dfsg/Unicode/makeutype.c:665:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=299) { /* previous version was linelength of 300 chars, jul2012 */
data/fontforge-20201107~dfsg/Unicode/makeutype.c:721:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=299) { /* previous version was linelength of 300 chars, jul2012 */
data/fontforge-20201107~dfsg/Unicode/makeutype.c:727:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( true || strncmp(buffer,"Property dump for:", strlen("Property dump for:"))==0 ) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:775:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=511) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:821:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)>=299) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:838:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf2,pt,pt1-pt); buf2[pt1-pt] = '\0'; pt = pt1;
data/fontforge-20201107~dfsg/Unicode/makeutype.c:844:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((names[index]= malloc(strlen(buf2)+strlen(prefix)+4)) == NULL) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:844:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((names[index]= malloc(strlen(buf2)+strlen(prefix)+4)) == NULL) {
data/fontforge-20201107~dfsg/Unicode/makeutype.c:887:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(names[i],"ARABIC LETTER ",strlen("ARABIC LETTER "))!=0 )
data/fontforge-20201107~dfsg/Unicode/ucharmap.c:459:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(from);
data/fontforge-20201107~dfsg/Unicode/ucharmap.c:526:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(from);
data/fontforge-20201107~dfsg/Unicode/ucharmap.c:559:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ufrom);
data/fontforge-20201107~dfsg/Unicode/ustring.c:148:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( to, from, len );
data/fontforge-20201107~dfsg/Unicode/ustring.c:183:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cu_strcpy(to+strlen(to),from);
data/fontforge-20201107~dfsg/Unicode/ustring.c:187:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cu_strncpy(to+strlen(to),from,len);
data/fontforge-20201107~dfsg/Unicode/ustring.c:211:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(p);
data/fontforge-20201107~dfsg/Unicode/ustring.c:376:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(pt);
data/fontforge-20201107~dfsg/Unicode/ustring.c:516:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8 *pt = (const uint8 *) utf8buf, *end = pt+strlen(utf8buf);
data/fontforge-20201107~dfsg/Unicode/ustring.c:542:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return( utf82u_strncpy(ubuf,utf8buf,strlen(utf8buf)+1));
data/fontforge-20201107~dfsg/Unicode/ustring.c:557:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(utf8buf);
data/fontforge-20201107~dfsg/Unicode/ustring.c:623:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lbuf);
data/fontforge-20201107~dfsg/Unicode/ustring.c:636:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(utf8buf);
data/fontforge-20201107~dfsg/Unicode/ustring.c:874:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(to, from, old-from);
data/fontforge-20201107~dfsg/Unicode/ustring.c:884:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(utf8_str);
data/fontforge-20201107~dfsg/Unicode/ustring.c:900:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt+strlen(str)>=end ) {
data/fontforge-20201107~dfsg/Unicode/ustring.c:902:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newcr = (char *) realloc(newcr,(off+10+strlen(str))+1);
data/fontforge-20201107~dfsg/Unicode/ustring.c:977:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( line==NULL || (x=strlen(line)-1)<0 )
data/fontforge-20201107~dfsg/Unicode/ustring.c:990:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int haylen = strlen( haystack );
data/fontforge-20201107~dfsg/Unicode/ustring.c:991:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nedlen = strlen( needle );
data/fontforge-20201107~dfsg/Unicode/ustring.c:1008:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nedlen = strlen(needleZ);
data/fontforge-20201107~dfsg/Unicode/ustring.c:1080:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int retsz = strlen(s) + count*strlen(replacement) + 1;
data/fontforge-20201107~dfsg/Unicode/ustring.c:1080:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int retsz = strlen(s) + count*strlen(replacement) + 1;
data/fontforge-20201107~dfsg/Unicode/ustring.c:1095:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( output, remains, p-remains );
data/fontforge-20201107~dfsg/Unicode/ustring.c:1097:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output += strlen(output);
data/fontforge-20201107~dfsg/Unicode/ustring.c:1098:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
remains = p + strlen(orig);
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:28:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,orig,pt-orig); buffer[pt-orig] = '\0';
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:35:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( pt[-1]==' ' && pt[strlen(OLD)]==' ' ) {
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:37:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,",");
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:42:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(buffer,pt+strlen(OLD));
data/fontforge-20201107~dfsg/contrib/admintools/copyright.c:120:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( ent->d_name );
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:79:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:80:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( (getc(file)<<8)|ch1 );
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:90:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:91:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:92:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:93:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( (((((getc(file)<<8)|ch3)<<8)|ch2)<<8)|ch1 );
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:162:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:163:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:164:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:170:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*x = (signed char) getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:171:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*y = (signed char) getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:179:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( getc(file));
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:209:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (verb=getc(file))!=EOF && (verb&0x3)!=0 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:256:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
flags = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:300:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
verb = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:313:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
verb = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:351:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:471:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:499:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:506:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = malloc(strlen(dir)+strlen("/Intmetrics")+3);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:506:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = malloc(strlen(dir)+strlen("/Intmetrics")+3);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:525:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buffer[i] = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:532:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = getc(file); /* low order byte */
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:533:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* version number = */ getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:534:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
flags = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:535:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n |= getc(file)<<8; /* high order byte */
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:543:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mapping[i] = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:614:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (left=getc(file))!=0 && !feof(file)) {
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:615:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (right=getc(file))!=0 && !feof(file)) {
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:706:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pattern[4] = filename[strlen(filename)-1];
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:710:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otherdir = malloc(strlen(filename)+strlen("/../Encodings")+5);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:710:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otherdir = malloc(strlen(filename)+strlen("/../Encodings")+5);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:713:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encfilename = malloc(strlen(otherdir)+strlen("base0encoding")+20);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:713:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
encfilename = malloc(strlen(otherdir)+strlen("base0encoding")+20);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:751:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = malloc(strlen(dir)+strlen("/Outlines*")+3);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:751:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = malloc(strlen(dir)+strlen("/Outlines*")+3);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:765:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(file)!='F' || getc(file)!='O' || getc(file)!='N' || getc(file)!='T' ||
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:765:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(file)!='F' || getc(file)!='O' || getc(file)!='N' || getc(file)!='T' ||
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:765:48: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(file)!='F' || getc(file)!='O' || getc(file)!='N' || getc(file)!='T' ||
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:765:67: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(file)!='F' || getc(file)!='O' || getc(file)!='N' || getc(file)!='T' ||
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:766:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file)!='\0') { /* Final null means outline font */
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:777:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
outline.version = getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:819:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:820:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; (ch=getc(file))!='\0' && ch!=EOF; )
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:824:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; (ch=getc(file))!='\0' && ch!=EOF; )
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:878:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( isdigit(filename[strlen(filename)-1]) )
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:921:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strlen(pt)<=4 && strncmp(pt,"help",strlen(pt))==0 )
data/fontforge-20201107~dfsg/contrib/fonttools/acorn2sfd.c:921:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strlen(pt)<=4 && strncmp(pt,"help",strlen(pt))==0 )
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:14:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:15:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:22:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:23:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:24:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:25:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:66:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(from);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:153:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ext = start+strlen(start);
data/fontforge-20201107~dfsg/contrib/fonttools/dewoff.c:177:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outname = malloc(strlen(start)+20);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:19:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:20:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:27:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:28:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:29:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:30:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/findtable.c:104:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(argv[1])>4 || argv[1][0]=='\0' ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:110:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:111:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:117:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:118:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:119:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:120:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch4 = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:128:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pcl))!=EOF && ch!=escape_char );
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:131:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pcl))==escape_char );
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:134:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:163:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:173:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:180:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=15 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:184:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=0 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:188:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
desc_size = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:189:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=15 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:194:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:208:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:213:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=15 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:217:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=1 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:312:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:318:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->header_format = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:319:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->fonttype = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:320:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->style = getc(pcl)<<8;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:321:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:325:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->orientation = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:326:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->spacing = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:331:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->widthtype = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:332:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->style |= getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:333:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->strokeweight = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:334:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->typeface = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:335:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->typeface |= getc(pcl)<<8;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:336:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->serifstyle = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:337:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->quality = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:338:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->placement = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:339:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->upos = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:340:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->uthick = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:345:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->pitchx = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:346:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->heightx = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:350:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->fontname[i] = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:363:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->fontscaletech = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:364:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr->variety = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:374:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:447:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(from);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1031:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(hdr->copyright)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1033:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = 2*strlen(hdr->copyright);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1039:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(family)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1041:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += 2*strlen(family);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1046:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(style)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1048:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += 2*strlen(style);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1053:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(unique)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1055:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += 2*strlen(unique);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1060:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(hdr->fontname)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1062:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += 2*strlen(hdr->fontname);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1067:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(name,2*strlen(version)); /* It's unicode so 2 bytes/char */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1069:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += 2*strlen(version);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1129:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
chunk = getc(file)<<24;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1134:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
chunk |= getc(file)<<8;
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1241:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1262:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1272:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1279:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=4 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1283:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pcl)!=0 ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1287:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
desc_size = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1292:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
class = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1297:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pcl); /* orientation */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1298:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pcl); /* reserved */
data/fontforge-20201107~dfsg/contrib/fonttools/pcl2ttf.c:1321:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pcl);
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:14:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( pt = str, end = str+len-1; pt<end && (ch=getc(file))!=EOF && ch!='\r' && ch!='\n';
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:20:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((ch=getc(file))!='\n' )
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:187:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:194:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(temp))!=EOF ) {
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:270:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:290:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch=getc(temp);
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:313:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define bgetc(extra,in) (*(extra)=='\0' ? getc(in) : (unsigned char ) *(extra)++ )
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:407:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("(Binary)");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:411:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("StartData ");
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:417:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nrandombytes[0] = decode(getc(in));
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:418:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nrandombytes[1] = decode(getc(in));
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:419:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nrandombytes[2] = decode(getc(in));
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:420:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nrandombytes[3] = decode(getc(in));
data/fontforge-20201107~dfsg/contrib/fonttools/pfadecrypt.c:421:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i = 0; ( ch=getc(in))!=EOF && i<cnt; ++i )
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:44:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int matchlen = strlen(match1);
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:60:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(buffer)>4 && strcmp(buffer+strlen(buffer)-4,".sfd")==0 )
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:60:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(buffer)>4 && strcmp(buffer+strlen(buffer)-4,".sfd")==0 )
data/fontforge-20201107~dfsg/contrib/fonttools/rmligamarks.c:61:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(buffer+strlen(buffer)-4,"-new.sfd");
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:158:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:159:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:166:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:167:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:168:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:169:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:176:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:177:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:178:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:187:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:190:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:196:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:202:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:608:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nrec, taboff, stroff, strlen, platform;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:625:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( j=0; j<strlen; ++j )
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:626:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret[j] = getc(util);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:627:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret[strlen] = '\0';
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:636:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nrec, taboff, stroff, strlen;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:673:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( j=0; j<strlen; ++j ) {
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:674:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(util);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:800:63: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t\t%s: %02x ", panose[i].name, (unsigned int)(val= getc(ttf)) );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:811:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%02x ", (unsigned int)(getc(ttf)) );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:1879:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%d ", table[i] = getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2110:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(unsigned int)(uni), getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2167:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:2170:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
name[j] = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:3990:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ent = ismorx ? getushort(ttf) : getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4976:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%s ", instrs[ch = getc(ttf)]);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4978:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "(%d) ", n = getc(ttf)); ++i;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4980:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%d ", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4983:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "(%d) ", n = getc(ttf)); ++i;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4985:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1=getc(ttf); ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4985:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1=getc(ttf); ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4992:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%d ", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4997:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1=getc(ttf); ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:4997:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1=getc(ttf); ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5019:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5032:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
names[i][j] = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5062:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5064:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*operand = (12<<8) | getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5072:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5082:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = ((ch-247)<<8) + getc(ttf)+108;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5085:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = -((ch-251)<<8) - getc(ttf)-108;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5088:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = getc(ttf)<<8;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5089:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = (short) (ival | getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5092:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = getc(ttf)<<24;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5093:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = ival | getc(ttf)<<16;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5094:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = ival | getc(ttf)<<8;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5095:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = (int) (ival | getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5317:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5334:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
temp[j] = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5707:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5810:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
format = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5813:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5816:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%02x ", (unsigned int)(getc(ttf)) );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5819:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5822:63: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( " Enc Range %d: First=%02x ", i, (unsigned int)(getc(ttf)) );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5823:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "nLeft=%d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5827:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5830:54: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( " Supplement[%d]: Encoding %d -> ", i, getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5922:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
format = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5930:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5968:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\tMajor Version: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5969:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\tMinor Version: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5970:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\tTable Header size: %d\n", hdrsize = getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:5971:46: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\tOffset size: %d\n", offsize = getc(ttf)); /* Er is this ever used? */
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6018:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%sBitmap rows=%d\n", indent, getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6019:46: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%sBitmap columns=%d\n", indent, getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6020:58: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%shoriBearingX=%d\n", indent, (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6021:58: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%shoriBearingY=%d\n", indent, (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6022:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%shoriAdvance=%d\n", indent, getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6023:58: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%svertBearingX=%d\n", indent, (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6024:58: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%svertBearingY=%d\n", indent, (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6025:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "%svertAdvance=%d\n", indent, getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6038:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
h = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6039:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
w = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6040:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sbX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6041:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sbY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6042:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
advance = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6051:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf); --len;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6067:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf); --len;
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6136:49: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t ascender: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6137:50: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t descender: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6138:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t widthMax: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6139:60: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t caretSlopeNumerator: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6140:62: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t caretSlopeDenominator: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6141:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t caretOffset: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6142:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t minOriginSB: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6143:53: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t minAdvanceSB: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6144:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t maxBeforeBL: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6145:51: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t maxAfterBL: %d\n", (signed char) getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6163:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
newx = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6164:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
newy = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6165:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
oldx = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6166:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
oldy = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6192:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t ppemX: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6193:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t ppemY: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6194:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t bitDepth: %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6195:47: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( "\t flags: 0x%x\n\n", (unsigned int)(getc(ttf)) );
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6216:40: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( " Device widths at %dppem\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6217:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf( " Max Width %d\n", getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6220:51: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf("\t\t%s:\t%d\n", info->glyph_names[gid], getc(ttf));
data/fontforge-20201107~dfsg/contrib/fonttools/showttf.c:6260:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
corrections[i] = (int8) getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:26:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:27:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:34:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:35:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:36:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:37:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:60:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<length && (ch=getc(ttc))!=EOF ; ++i )
data/fontforge-20201107~dfsg/contrib/fonttools/stripttc.c:81:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = outfile + strlen(outfile);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:393:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:394:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:401:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:402:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:403:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:404:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:490:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:493:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
name[j] = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:857:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
arg1 = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:858:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
arg2 = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:951:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:955:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
flags[i] = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:957:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int cnt = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:969:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int off = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/ttf2eps.c:983:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int off = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:17:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:18:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:25:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:26:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:27:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:28:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:52:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(from);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:159:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ext = start+strlen(start);
data/fontforge-20201107~dfsg/contrib/fonttools/woff.c:190:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outname = malloc(strlen(start)+20);
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:480:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(classglyphs[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:484:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:518:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(glyphs[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/asmfpst.c:524:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:222:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,dir,sizeof(buffer)-1-5);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:229:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eon = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:503:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt += strlen( args[j] );
data/fontforge-20201107~dfsg/fontforge/autotrace.c:506:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(args[j])+1;
data/fontforge-20201107~dfsg/fontforge/autotrace.c:614:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==NULL ) pt = path+strlen(path);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:616:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,path,pt-path);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:619:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:691:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(ent->d_name)>2 && strcmp(ent->d_name+strlen(ent->d_name)-2,"gf")==0 ) {
data/fontforge-20201107~dfsg/fontforge/autotrace.c:691:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(ent->d_name)>2 && strcmp(ent->d_name+strlen(ent->d_name)-2,"gf")==0 ) {
data/fontforge-20201107~dfsg/fontforge/autotrace.c:693:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:714:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/fontforge/autotrace.c:715:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eod = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:788:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arglist[ac++] = malloc(strlen(mf_args)+strlen(filename)+20);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:788:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arglist[ac++] = malloc(strlen(mf_args)+strlen(filename)+20);
data/fontforge-20201107~dfsg/fontforge/autotrace.c:791:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(arglist[1]," ");
data/fontforge-20201107~dfsg/fontforge/autowidth.c:892:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!='\n' && ch!='\r' && ch!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/autowidth.c:897:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:903:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:904:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:918:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:919:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1108:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1110:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1211:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end==NULL ) end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1230:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sclist[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1235:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pt," ");
data/fontforge-20201107~dfsg/fontforge/autowidth.c:1236:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:432:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:976:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(leftglyphs[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:987:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(leftglyphs[j]->name)+1;
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:993:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:1011:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(rightglyphs[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:1022:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(rightglyphs[j]->name)+1;
data/fontforge-20201107~dfsg/fontforge/autowidth2.c:1028:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:341:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,bpt,sizeof(buffer)); buffer[sizeof(buffer)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:368:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer2,"-");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:401:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "0");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:409:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "1" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:412:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "3" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:415:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "0" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:418:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "0" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:423:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( enc, "0" );
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:442:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(slant,"R");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:447:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(slant,"I");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:449:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(slant,"I");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:451:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(slant,"O");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:453:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(slant,"O");
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:587:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->foundry,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:589:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->family,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:591:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->weight,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:593:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->slant,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:595:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->setwidth,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:597:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->add_style,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:603:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->spacing,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:606:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->cs_reg,
data/fontforge-20201107~dfsg/fontforge/bitmapchar.c:608:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(components->cs_enc,
data/fontforge-20201107~dfsg/fontforge/cvimages.c:254:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(buffer,"(plate",strlen("plate("))!=0 ) {
data/fontforge-20201107~dfsg/fontforge/cvimages.c:259:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace( (ch=getc(plate)) ) );
data/fontforge-20201107~dfsg/fontforge/cvimages.c:267:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(plate);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:290:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(plate); /* Must be ')' */
data/fontforge-20201107~dfsg/fontforge/cvimages.c:434:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:440:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:450:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:485:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:488:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:490:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:539:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:583:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:586:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:588:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:591:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:804:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:807:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:809:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch=getc(fig))!='\n' && ch!=EOF);
data/fontforge-20201107~dfsg/fontforge/cvimages.c:867:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(fig))!='\n' && ch!=EOF );
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:1286:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:1313:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(cur->u.state.charname);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2886:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *space = malloc(strlen(format)+strlen(otl->lookup_name)+1);
data/fontforge-20201107~dfsg/fontforge/cvundoes.c:2886:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *space = malloc(strlen(format)+strlen(otl->lookup_name)+1);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:1816:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( npt==NULL ) npt = strt+strlen(strt);
data/fontforge-20201107~dfsg/fontforge/dumppfa.c:2614:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( out, "%%%%BeginData: %ld Binary Bytes\n", (long) (len+strlen(buffer)));
data/fontforge-20201107~dfsg/fontforge/encoding.c:211:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int esc_len = strlen(escape_sequence);
data/fontforge-20201107~dfsg/fontforge/encoding.c:259:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,name,sizeof(buffer));
data/fontforge-20201107~dfsg/fontforge/encoding.c:265:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,name,3);
data/fontforge-20201107~dfsg/fontforge/encoding.c:266:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer+3,name+4,sizeof(buffer)-3);
data/fontforge-20201107~dfsg/fontforge/encoding.c:442:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strtol(name+strlen(name)-2,NULL,10)>=16 )
data/fontforge-20201107~dfsg/fontforge/encoding.c:728:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/encoding.c:740:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(filename) >= 20
data/fontforge-20201107~dfsg/fontforge/encoding.c:741:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& !strcmp(filename + strlen(filename) - 20, "GlyphOrderAndAliasDB")){
data/fontforge-20201107~dfsg/fontforge/encoding.c:850:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( cidmaster->ordering );
data/fontforge-20201107~dfsg/fontforge/encoding.c:893:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,map->name[cid],len);
data/fontforge-20201107~dfsg/fontforge/encoding.c:960:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len, rlen = strlen(registry), olen=strlen(ordering);
data/fontforge-20201107~dfsg/fontforge/encoding.c:960:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len, rlen = strlen(registry), olen=strlen(ordering);
data/fontforge-20201107~dfsg/fontforge/encoding.c:978:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (len = strlen(ent->d_name))<8 )
data/fontforge-20201107~dfsg/fontforge/encoding.c:994:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(dir)+1+len+1);
data/fontforge-20201107~dfsg/fontforge/encoding.c:996:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret,"/");
data/fontforge-20201107~dfsg/fontforge/encoding.c:1007:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(dir)+1+strlen(maybe)+1);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1007:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(dir)+1+strlen(maybe)+1);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1009:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret,"/");
data/fontforge-20201107~dfsg/fontforge/encoding.c:1074:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(f);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1083:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(f);
data/fontforge-20201107~dfsg/fontforge/encoding.c:1341:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(pt,reg,strlen(reg))==0 )
data/fontforge-20201107~dfsg/fontforge/encoding.c:1342:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmap->registry = readpsstr(pt+strlen(reg));
data/fontforge-20201107~dfsg/fontforge/encoding.c:1343:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,ord,strlen(ord))==0 )
data/fontforge-20201107~dfsg/fontforge/encoding.c:1344:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmap->ordering = readpsstr(pt+strlen(ord));
data/fontforge-20201107~dfsg/fontforge/encoding.c:1345:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,sup,strlen(sup))==0 ) {
data/fontforge-20201107~dfsg/fontforge/encoding.c:1346:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt += strlen(sup); isspace(*pt); ++pt );
data/fontforge-20201107~dfsg/fontforge/encoding.c:1355:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(end,bcsr,strlen(bcsr))==0 ) {
data/fontforge-20201107~dfsg/fontforge/encoding.c:1357:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(end,bndr,strlen(bndr))==0 ) {
data/fontforge-20201107~dfsg/fontforge/encoding.c:1359:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(end,bcr,strlen(bcr))==0 ) {
data/fontforge-20201107~dfsg/fontforge/encoding.c:1361:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(end,bcc,strlen(bcc))==0 ) {
data/fontforge-20201107~dfsg/fontforge/encoding.c:2601:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(from,encname->iso_2022_escape,encname->iso_2022_escape_len );
data/fontforge-20201107~dfsg/fontforge/encoding.c:2678:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( i==-1 && strlen(name)==4 ) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:131:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(start)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:149:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(nm)+len+1 >72 ) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:154:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(nm)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:300:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( text!=NULL && strlen(text)+len+2 > 72 )) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:309:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(text)+2;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:780:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( len+(pst==NULL?4:strlen(pst->u.subs.variant))>80 ) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:786:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(pst->u.subs.variant);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:804:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(r->u.coverage.ncovers[n])+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:808:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(r->u.coverage.ncovers[n]);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1610:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(clsnames[i])+8;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1620:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( len+strlen(sc->name)+1 >80 ) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:1626:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sc->name)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2083:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt += strlen(cpt);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2152:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(class1), len2 = strlen(class2);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2152:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(class1), len2 = strlen(class2);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2188:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(class1 + i, class1 + i_end, (strlen(class1 + i_end) + 1) * sizeof (char));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2190:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(class2 + j, class2 + j_end, (strlen(class2 + j_end) + 1) * sizeof (char));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2396:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2398:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2402:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2406:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2469:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2472:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!=EOF && ch!='\n' && ch!='\r' );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2475:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2481:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2499:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
peekch=getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2510:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2512:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2519:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2539:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2542:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2548:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2632:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2634:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2645:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(tok->tokbuf)==4 && isalnum(tok->tokbuf[0])) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2664:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pt = tok->tokbuf + strlen(tok->tokbuf);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2666:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2669:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch = getc(in))!=EOF && isdigit(ch)) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2783:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sames->glyphs)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2787:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2829:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(contents);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:2841:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cnt += strlen(contents);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3008:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(last_glyph)==strlen(tok->tokbuf) &&
data/fontforge-20201107~dfsg/fontforge/featurefile.c:3008:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(last_glyph)==strlen(tok->tokbuf) &&
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4054:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
after = next+strlen(next);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4082:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( g->name_or_class ) +1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4086:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4394:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(g->name_or_class)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4399:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(g->name_or_class);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4426:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(g->name_or_class)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4442:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sames->glyphs)+1;
data/fontforge-20201107~dfsg/fontforge/featurefile.c:4450:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5195:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!=EOF && ch!='"' ) {
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5203:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5551:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5560:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!=EOF && ch!='"' );
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5585:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5587:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( ch=getc(in); isdigit(ch); ch=getc(in));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:5587:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( ch=getc(in); isdigit(ch); ch=getc(in));
data/fontforge-20201107~dfsg/fontforge/featurefile.c:6354:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
acs[i]->name = malloc(strlen(classes[i]->name)+10);
data/fontforge-20201107~dfsg/fontforge/featurefile.c:7142:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *namebuf = malloc(strlen( otl->lookup_name )+8 );
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1692:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(old->filename)+20);
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1697:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"~");
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1707:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"~");
data/fontforge-20201107~dfsg/fontforge/fontviewbase.c:1714:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(old->filename)+20);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1078:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( semi==NULL ) semi = ligstart+strlen(ligstart);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1109:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( dpt==NULL || strncmp(dpt,".isolated",strlen(".isolated"))==0 )
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1111:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(dpt,".initial",strlen(".initial"))==0 )
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1113:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(dpt,".final",strlen(".final"))==0 )
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1294:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(sc->name,"vertuni",7)==0 && strlen(sc->name)==11 ) {
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:1826:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uc_accent = malloc(strlen(rsc->name)+11);
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:2575:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(sc->name,"vertuni",7)==0 && strlen(sc->name)==11 ) {
data/fontforge-20201107~dfsg/fontforge/fvcomposite.c:2943:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,asc->name,pt-asc->name);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:67:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tpt = temp = malloc(strlen(name)+2);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:151:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch = getc(bdf)));
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:154:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:307:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:368:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch1=getc(bdf)) );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:369:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:394:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:398:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch1 = getc(bdf)) != '\n')
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:419:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(getc(bdf)) );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:420:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:549:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( eol=buf+strlen(buf)-1; eol>=buf && isspace(*eol); --eol);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:639:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(family,buf,99);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:642:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(full,buf,99);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:645:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(weight,buf,99);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:648:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(italic,buf,99);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:653:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(comments,buf,999);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:657:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pt = comments+strlen(comments);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:659:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pt,buf,eoc-pt);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:675:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(italic,""); /* Ignore roman */
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:677:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( comments[0]!='\0' && comments[strlen(comments)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:678:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comments[strlen(comments)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:769:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cmd = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:774:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(gf); getc(gf); getc(gf); getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:774:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(gf); getc(gf); getc(gf); getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:774:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(gf); getc(gf); getc(gf); getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:774:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(gf); getc(gf); getc(gf); getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:777:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:778:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) buffer[i] = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:798:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:799:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:800:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:803:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:804:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:805:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:806:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:810:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:830:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:836:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:844:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:883:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:885:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
enc = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:891:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
enc = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:892:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:901:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:910:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* encoding = */ getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:911:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
w = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:912:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
max_c = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:914:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
w = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:915:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
max_r = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:945:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:952:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(gf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:979:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r += getc(gf)+1;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1004:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cmd = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1011:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pk); getc(pk); getc(pk); getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1011:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pk); getc(pk); getc(pk); getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1011:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pk); getc(pk); getc(pk); getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1011:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pk); getc(pk); getc(pk); getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1014:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1015:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1018:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1019:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1020:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1023:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1024:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1025:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1026:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1029:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1030:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1031:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1032:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1033:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<val; ++i ) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1051:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1054:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1057:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1058:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<ch; ++i ) getc(pk); /* Skip comment. Perhaps that should be the family? */
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1088:91: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define getnibble(pk,st) (st->hold==1?(st->hold=0,(st->byte&0xf)):(st->hold=1,(((st->byte=getc(pk))>>4))) )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1112:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int flag = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1144:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1154:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pl = getc(pk) + ((flag&3)<<8);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1155:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1158:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dm = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1160:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
w = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1161:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
h = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1162:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hoff = (signed char) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1163:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
voff = (signed char) getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1196:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pk);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1332:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int val = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1333:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<8);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1334:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<16);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1335:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<24);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1342:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1343:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1344:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1345:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1347:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1348:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<8);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1349:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<16);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1350:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<24);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1358:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1359:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) | getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1361:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1362:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val |= (getc(file)<<8);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1397:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
metric->lsb = getc(file)-0x80;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1398:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
metric->rsb = getc(file)-0x80;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1399:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
metric->width = getc(file)-0x80;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1400:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
metric->ascent = getc(file)-0x80;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1401:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
metric->descent = getc(file)-0x80;
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1422:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->noOverlap = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1423:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->constantMetrics = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1424:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->terminalFont = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1425:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->constantWidth = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1426:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->inkInside = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1427:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->inkMetrics = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1428:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
accel->drawDirection = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1429:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* padding = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1468:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
props[i].isStr = getc(file);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1499:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(weight,props[i].value,sizeof(weight)-1);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1503:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(italic,props[i].value,sizeof(italic)-1);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1505:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(encname,props[i].value,sizeof(encname)-1);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1556:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(italic,""); /* Ignore roman */
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1928:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt = fn+strlen(fn)-1; pt>fn && *pt!='-'; --pt );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1949:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = malloc(strlen(family)+strlen(mods)+2);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1949:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = malloc(strlen(family)+strlen(mods)+2);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:1950:23: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(n,family); strcat(n," "); strcat(n,mods);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2048:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ispk==1 && strcmp(filename+strlen(filename)-2,"gf")==0 )
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2087:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(bdf))!='\n' && ch!='\r' && ch!=EOF );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2172:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(bdf))!=EOF && ch!='\n' && ch!='\r' );
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2174:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(bdf);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2212:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(dir)+strlen(GFileNameTail(filename))+2);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2212:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(dir)+strlen(GFileNameTail(filename))+2);
data/fontforge-20201107~dfsg/fontforge/fvimportbdf.c:2214:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp,"/");
data/fontforge-20201107~dfsg/fontforge/glyphcomp.c:2010:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( fd->held[strlen(fd->held)-1]!='\n' )
data/fontforge-20201107~dfsg/fontforge/groups.c:141:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))==' ' )
data/fontforge-20201107~dfsg/fontforge/groups.c:152:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && ch!='\n' && ch!='\r' );
data/fontforge-20201107~dfsg/fontforge/groups.c:156:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/groups.c:166:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/groups.c:171:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0 ; (ch=getc(file))!=EOF && ch!='"' ; ++i ) {
data/fontforge-20201107~dfsg/fontforge/groups.c:204:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch = getc(file))==':' )
data/fontforge-20201107~dfsg/fontforge/groups.c:205:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/groups.c:207:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/groups.c:214:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch = getc(file))==' ' );
data/fontforge-20201107~dfsg/fontforge/ikarus.c:553:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fullname,pt,80);
data/fontforge-20201107~dfsg/fontforge/ikarus.c:617:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(file);
data/fontforge-20201107~dfsg/fontforge/ikarus.c:618:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2031:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(word_buf,freq[last].utf8_letter,strlen(freq[last].utf8_letter))==0 )
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2073:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2193:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/langfreq.c:2215:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/lookups.c:1632:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ubuf+7, (char *) friendlies[k].friendlyname,end-ubuf-7);
data/fontforge-20201107~dfsg/fontforge/lookups.c:1677:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userfriendly = malloc( strlen(lookuptype) + 10);
data/fontforge-20201107~dfsg/fontforge/lookups.c:1734:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otl->lookup_name = malloc( strlen(userfriendly)+strlen(format)+strlen(script)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1734:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otl->lookup_name = malloc( strlen(userfriendly)+strlen(format)+strlen(script)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1734:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otl->lookup_name = malloc( strlen(userfriendly)+strlen(format)+strlen(script)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1738:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otl->lookup_name = malloc( strlen(userfriendly)+strlen(format)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1738:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otl->lookup_name = malloc( strlen(userfriendly)+strlen(format)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1769:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subtable->subtable_name = malloc( strlen(otl->lookup_name)+strlen(format)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:1769:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subtable->subtable_name = malloc( strlen(otl->lookup_name)+strlen(format)+10 );
data/fontforge-20201107~dfsg/fontforge/lookups.c:2766:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3220:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( name );
data/fontforge-20201107~dfsg/fontforge/lookups.c:3251:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( name );
data/fontforge-20201107~dfsg/fontforge/lookups.c:3297:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( name );
data/fontforge-20201107~dfsg/fontforge/lookups.c:3878:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen(rpl);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3889:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *new = malloc(pt-base+strlen(pt)+rlen-slen+1);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3900:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ch, match, slen = strlen(search);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3925:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = *haystack + (start-base)+strlen(rpl);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3928:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = start+strlen(rpl);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3938:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(search);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3941:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( slen>=strlen( base ))
data/fontforge-20201107~dfsg/fontforge/lookups.c:3963:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = *haystack + (start-base) + strlen(rpl);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3966:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = start+strlen(rpl);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3974:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(search);
data/fontforge-20201107~dfsg/fontforge/lookups.c:3976:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( slen>=strlen( haystack ))
data/fontforge-20201107~dfsg/fontforge/lookups.c:4342:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(names[i])+1;
data/fontforge-20201107~dfsg/fontforge/lookups.c:4348:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(names[i]);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4574:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4656:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end==NULL ) end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4721:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(str)+1);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4723:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt=str+strlen(str); pt>str; pt=start ) {
data/fontforge-20201107~dfsg/fontforge/lookups.c:4755:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max = ( rule->u.glyph.names ? strlen(rule->u.glyph.names) : 0 ) +
data/fontforge-20201107~dfsg/fontforge/lookups.c:4756:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( rule->u.glyph.back ? strlen(rule->u.glyph.back) : 0 ) +
data/fontforge-20201107~dfsg/fontforge/lookups.c:4757:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( rule->u.glyph.fore ? strlen(rule->u.glyph.fore) : 0 ) +
data/fontforge-20201107~dfsg/fontforge/lookups.c:4923:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newr = malloc(ecnt*(strlen(parsed[cnt].replacements)+1)+1);
data/fontforge-20201107~dfsg/fontforge/lookups.c:4928:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newr," ");
data/fontforge-20201107~dfsg/fontforge/lookups.c:5057:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen += strlen(parsed[i].entity)+1;
data/fontforge-20201107~dfsg/fontforge/lookups.c:5059:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mlen += strlen(parsed[i].entity)+1;
data/fontforge-20201107~dfsg/fontforge/lookups.c:5061:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen += strlen(parsed[i].entity)+1;
data/fontforge-20201107~dfsg/fontforge/lookups.c:5072:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rule->u.glyph.back," ");
data/fontforge-20201107~dfsg/fontforge/lookups.c:5076:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rule->u.glyph.names," ");
data/fontforge-20201107~dfsg/fontforge/lookups.c:5080:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rule->u.glyph.fore," ");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:304:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(pfbfile)!=0x80 ) {
data/fontforge-20201107~dfsg/fontforge/macbinary.c:309:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
type = getc(pfbfile);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:320:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = getc(pfbfile);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:321:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len |= (getc(pfbfile))<<8;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:322:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len |= (getc(pfbfile))<<16;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:323:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len |= (getc(pfbfile))<<24;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:335:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
putc(getc(pfbfile),res);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:352:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(ttffile))!=EOF )
data/fontforge-20201107~dfsg/fontforge/macbinary.c:847:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !sf->familyname || strnmatch(sf->familyname,sf->fontname,strlen(sf->familyname))!=0 )
data/fontforge-20201107~dfsg/fontforge/macbinary.c:851:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( sf->fontname[strlen(sf->familyname)]=='-' )
data/fontforge-20201107~dfsg/fontforge/macbinary.c:859:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(sf->fontname),res); /* basename is full name */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:863:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(sf->fontname+1,1,strlen(sf->fontname+1),res);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:865:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = sf->fontname+strlen(sf->familyname);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(sf->familyname),res);/* basename */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:869:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(sf->familyname+1,1,strlen(sf->familyname+1),res);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:873:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(pt),res); /* length of... */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:874:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(pt,1,strlen(pt),res); /* everything else */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:882:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(pt),res); /* length of ... */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:883:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(pt,1,strlen(pt),res); /* everything else */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:929:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(fontname),res);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1159:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
famlen = strlen(familyname);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1163:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(psfaces[0]->sf->familyname))==0 )
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1164:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
famlen = strlen(psfaces[0]->sf->familyname);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1314:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(rtypes[i].res[j].name),res); /* Length */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1315:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(rtypes[i].res[j].name,1,strlen(rtypes[i].res[j].name),res);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1386:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,pt,sizeof(buffer)-1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1402:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*hpt++ = strlen( pt );
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1629:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.macfilename = malloc(strlen(filename)+strlen(buffer)+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1629:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.macfilename = malloc(strlen(filename)+strlen(buffer)+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1735:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
binfilename = malloc(strlen(filename)+strlen(".bmap.dfont")+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1735:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
binfilename = malloc(strlen(filename)+strlen(".bmap.dfont")+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1741:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dpt = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1746:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dpt = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1818:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempname = malloc(strlen(filename)+strlen(buffer)+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1818:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempname = malloc(strlen(filename)+strlen(buffer)+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1824:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tf = malloc(strlen(filename)+20);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1830:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = filename+strlen(filename)+1;
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1976:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* flags = */ getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1977:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1977:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:1978:45: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsets[i] = rdata_pos+((ch1<<16)|(ch2<<8)|getc(f));
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2011:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2011:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2096:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* flags = */ getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2097:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2097:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2098:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
roff = rdata_pos+((ch1<<16)|(ch2<<8)|getc(f));
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2115:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
find[strlen(find)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2147:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* flags = */ getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2148:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2148:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2149:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
roff = rdata_pos+((ch1<<16)|(ch2<<8)|getc(f));
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2299:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* flags = */ getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2300:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2300:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2301:41: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offset = rdata_pos+((ch1<<16)|(ch2<<8)|getc(f));
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2311:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2364:41: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cur->stylekerns[j].kerns[k].ch1 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2365:41: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cur->stylekerns[j].kerns[k].ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2379:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stringoffsets[j] = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2383:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stringlen = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2388:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
strings[j][k+1] = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2534:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,family,200);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2536:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"-");
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2580:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
find[strlen(find)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2720:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* flags = */ getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2721:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2721:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f); ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2722:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
roff = rdata_pos+((ch1<<16)|(ch2<<8)|getc(f));
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2936:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
respath = malloc(strlen(tempfn)+strlen("/..namedfork/rsrc")+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:2936:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
respath = malloc(strlen(tempfn)+strlen("/..namedfork/rsrc")+1);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3021:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(f))!=':' ); /* There may be comments before file start */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3023:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(f))!=':' ) {
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3055:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(binary); /* Name length */
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3058:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(binary);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3059:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(binary)!='\0' ) {
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3159:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( dpt==NULL ) dpt = spt+strlen(spt);
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3160:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( dpt-spt>8 || strlen(dpt)>4 ) {
data/fontforge-20201107~dfsg/fontforge/macbinary.c:3162:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(exten,dpt,7);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1145:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inlen = strlen(in);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1163:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(str)*4+1);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1196:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inlen = strlen(ustr);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1197:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outlen = sizeof(unichar_t)*strlen(ustr);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1224:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(ustr)+1);
data/fontforge-20201107~dfsg/fontforge/macenc.c:1314:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(loc,LanguageCodesFromMacLang[i],strlen(LanguageCodesFromMacLang[i]))==0 ) {
data/fontforge-20201107~dfsg/fontforge/mem.c:61:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:62:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:71:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:72:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:73:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:82:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:83:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:84:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mem.c:85:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/mm.c:103:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(mm->normal->familyname)+ strlen(styles)+3 );
data/fontforge-20201107~dfsg/fontforge/mm.c:103:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(mm->normal->familyname)+ strlen(styles)+3 );
data/fontforge-20201107~dfsg/fontforge/mm.c:105:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hyphen = ret+strlen(ret);
data/fontforge-20201107~dfsg/fontforge/mm.c:106:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(hyphen," ");
data/fontforge-20201107~dfsg/fontforge/mm.c:114:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = ret = malloc(strlen(mm->normal->familyname)+ mm->axis_count*15 + 1);
data/fontforge-20201107~dfsg/fontforge/mm.c:116:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/mm.c:125:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/mm.c:232:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( hold[j] )+1;
data/fontforge-20201107~dfsg/fontforge/mm.c:240:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/mm.c:625:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/namelist.c:139:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(name)==6 || strlen(name)==7)) {
data/fontforge-20201107~dfsg/fontforge/namelist.c:139:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(name)==6 || strlen(name)==7)) {
data/fontforge-20201107~dfsg/fontforge/namelist.c:145:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( name[0]=='u' && strlen(name)>=5 ) {
data/fontforge-20201107~dfsg/fontforge/namelist.c:434:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( refs[i]->name )+1;
data/fontforge-20201107~dfsg/fontforge/namelist.c:438:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/namelist.c:567:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( buffer );
data/fontforge-20201107~dfsg/fontforge/namelist.c:759:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(sc->name)>sizeof(space)-1 )
data/fontforge-20201107~dfsg/fontforge/namelist.c:859:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off = strlen(bits[i].rpl->name) - (bits[i].end-bits[i].start);
data/fontforge-20201107~dfsg/fontforge/namelist.c:867:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(bits[i].rpl->name);
data/fontforge-20201107~dfsg/fontforge/namelist.c:874:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int totlen = strlen(*_src);
data/fontforge-20201107~dfsg/fontforge/namelist.c:883:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
last += strlen(bits[i].rpl->name);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:577:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strchr(enc,'@')!=NULL && strlen(enc)<sizeof(buffer)-1 ) {
data/fontforge-20201107~dfsg/fontforge/noprefs.c:694:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-(strlen(line)-strlen("MacFeat:")),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:694:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-(strlen(line)-strlen("MacFeat:")),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:695:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen("MacFeat:")] ='\0';
data/fontforge-20201107~dfsg/fontforge/noprefs.c:697:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-strlen(line),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforge/noprefs.c:733:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforge/noprefs.c:734:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/noprefs.c:735:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\r' )
data/fontforge-20201107~dfsg/fontforge/noprefs.c:736:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/noprefs.c:738:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(line,"Recent:",strlen("Recent:"))==0 && ri<RECENT_MAX )
data/fontforge-20201107~dfsg/fontforge/noprefs.c:740:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuScript:",strlen("MenuScript:"))==0 && ms<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforge/noprefs.c:742:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuName:",strlen("MenuName:"))==0 && mn<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforge/noprefs.c:744:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MacMapCnt:",strlen("MacSetCnt:"))==0 ) {
data/fontforge-20201107~dfsg/fontforge/noprefs.c:748:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacMapping:",strlen("MacMapping:"))==0 && msp<msc ) {
data/fontforge-20201107~dfsg/fontforge/noprefs.c:750:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacFeat:",strlen("MacFeat:"))==0 ) {
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:46:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( str[strlen(str)-1]!='\n' )
data/fontforge-20201107~dfsg/fontforge/nouiutil.c:57:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( str[strlen(str)-1]!='\n' )
data/fontforge-20201107~dfsg/fontforge/othersubrs.c:529:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:87:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sf->fontname = malloc(strlen(family)+strlen(style)+2);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:87:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sf->fontname = malloc(strlen(family)+strlen(style)+2);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:90:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sf->fontname,"-");
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:261:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offset = (int8) getc(file);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:262:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
width = (int8) getc(file);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:287:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; (ch=getc(file))!=0 && ch!=EOF; ++i);
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:290:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=0 && ch!=EOF )
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:317:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
version = getc(file); /* version number of font bucket format. currently 0 */
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:324:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(file)!=0 ) /* not interested in system fonts */
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:398:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fn = malloc(strlen(filename)+8), *pt1, *pt2;
data/fontforge-20201107~dfsg/fontforge/palmfonts.c:407:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt2 = fn+strlen(fn);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:111:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( keyword );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:112:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int end_len = end==NULL ? 0 : strlen(end);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:122:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))<0 ) return( false );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:135:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))<0 ) return( false );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:198:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch=getc(pdf)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:200:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pdf)=='b' && \
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:201:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pdf)=='j' && \
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:202:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
isspace(getc(pdf)) )
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:269:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))>=0 ) ungetc(ch,pdf);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:279:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pdf))>=0 ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:282:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pdf))>=0 && ch!='\n' && ch!='\r' );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:300:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))!='/' ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:305:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( ch=getc(pdf) ;; ch=getc(pdf) ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:305:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( ch=getc(pdf) ;; ch=getc(pdf) ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:333:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pdf);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:344:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pdf))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:386:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pdf);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:409:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pdf);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:412:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(pdf); /* Eat the second '<' */
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:463:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch = getc(stream)) );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:466:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(stream);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:483:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch = getc(stream)) );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:487:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(stream);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:662:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt[strlen(pt)-1]!='R' )
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:744:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch1=getc(from))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:745:47: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( !ishexdigit(ch1) && ch1!=EOF ) ch1 = getc(from);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:746:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch2=getc(from))!=EOF && !ishexdigit(ch2));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:760:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch1=getc(from)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:769:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch2=getc(from)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:770:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch3=getc(from)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:771:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch4=getc(from)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:772:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch5=getc(from)));
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:850:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch1=getc(from))!=EOF && ch1!=0x80 ) { /* 0x80 => EOD */
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:853:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(from);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:858:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(from);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:886:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(pdf))!=EOF && ch!='m' ); /* Skip over >>\nstream */
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:887:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))=='\r' ) ch = getc(pdf); /* Skip the newline */
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:887:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))=='\r' ) ch = getc(pdf); /* Skip the newline */
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:891:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(pdf))!=EOF )
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:907:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("ASCIIHexDecode");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:910:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("ASCII85Decode");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:918:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("FlateDecode");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:921:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("RunLengthDecode");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:947:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(f))<0 ) return( 1 );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1110:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch = getc(file)) );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1113:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && ch!='\r' && ch!='\n' );
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1125:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1140:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1145:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && ch!='>' )
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1149:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1172:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && !isspace(ch) && ch!='%' &&
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1181:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && !isspace(ch) && ch!='%' &&
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1319:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stack[sp++].u.str = copyn(tokbuf+1,strlen(tokbuf)-2);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1697:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = realloc(name,strlen(name)+8);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1700:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = realloc(name,strlen(name)+strlen(nname)+10);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1700:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = realloc(name,strlen(name)+strlen(nname)+10);
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1701:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "_");
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1778:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nhex = (strlen(tok))/4;
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1787:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 1; j<nhex && strlen(ccval) >= 4; j++) {
data/fontforge-20201107~dfsg/fontforge/parsepdf.c:1828:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tok) >= 8) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:898:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( pt = str, end = str+len-1; pt<end && (ch=getc(file))!=EOF && ch!='\r' && ch!='\n';
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:904:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((ch=getc(file))!='\n' )
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:919:52: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( pt = str, end = str+len-1; pt<end && (ch=getc(file))!=EOF && ch!='\r' && ch!='\n'; ) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:927:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((ch=getc(file))!='\n' )
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:966:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ret+len-1,start,end-start);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:987:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ret,start,end-start);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1155:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = line+strlen(line)-1;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1307:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(pt)>5 ) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1328:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, num_to_check = strlen(str);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1354:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (backpt = str + strlen(str) - 1; backpt >= str; backpt--) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1361:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt -= strlen(str);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1415:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1461:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:1506:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strstr(line+strlen(line)-6," put")!=NULL && strchr(line,'/')!=NULL )) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2100:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2113:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(temp))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2231:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2244:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2270:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define bgetc(extra,in) (*(extra)=='\0' ? getc(in) : (unsigned char ) *(extra)++ )
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2384:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2387:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cypher = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2393:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cypher = getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2420:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) + getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2427:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) + getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2469:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = (val<<8) + getc(temp);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2493:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!='(' && ch!='/' && ch!=EOF );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2498:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( pt=fontsetname; (ch=getc(in))!=' ' && ch!=EOF; )
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2503:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(in))=='B' || ch=='b' ) binary = true;
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2510:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(in))!=')' && ch!=EOF );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2517:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch=getc(in)) );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2520:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(in); /* And if it didn't match, what could I do about it? */
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2523:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(in);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2530:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch=getc(in)) );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2531:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch2=getc(in)) );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2536:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(in))!='>' ) ungetc(ch,in);
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2560:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( buffer );
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2566:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( len<6 ) { getc(in); ++len; }
data/fontforge-20201107~dfsg/fontforge/parsepfa.c:2774:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("FontName");
data/fontforge-20201107~dfsg/fontforge/parsettf.c:308:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
langlen = strlen(lang);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:319:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(langcountry,lang,5); langcountry[5] = '\0';
data/fontforge-20201107~dfsg/fontforge/parsettf.c:320:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(language,lang,3); language[3] = '\0';
data/fontforge-20201107~dfsg/fontforge/parsettf.c:322:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
langlen = strlen(language);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:341:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( getc(ttf));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:432:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*cpt++ = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:445:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf)<<8;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:446:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = ch | getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:452:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = enc->unicode[getc(ttf)];
data/fontforge-20201107~dfsg/fontforge/parsettf.c:460:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*cpt++ = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1397:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen, int stroff,int spec,int language, struct macname *last) {
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1410:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( i=0; i<strlen; ++i )
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1411:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1419:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen, int stroff,int spec,int language) {
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1425:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f->featname = AddMacName(ttf,strlen,stroff,spec,language,f->featname);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1430:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s->setname = AddMacName(ttf,strlen,stroff,spec,language,s->setname);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1444:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mi->last = mi->head = AddMacName(ttf,strlen,stroff,spec,language,NULL);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1450:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mi->last->next = AddMacName(ttf,strlen,stroff,spec,language,NULL);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1493:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(str)>63 ) {
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1510:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str=malloc(strlen(old)+2);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1524:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(str)>63 )
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1783:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' )
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1784:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[strlen(temp)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/parsettf.c:1999:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
instructions[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2003:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
flags[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2005:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2023:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int off = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2046:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int off = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2113:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
arg1 = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2114:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
arg2 = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2214:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
instructions[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2750:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2769:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
names[i][j] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2799:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2801:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*operand = (12<<8) | getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2810:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2831:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = ((ch-247)<<8) + getc(ttf)+108;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2834:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = -((ch-251)<<8) - getc(ttf)-108;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2837:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = getc(ttf)<<8;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2838:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = (short) (ival | getc(ttf));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2842:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = getc(ttf)<<24;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2843:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = ival | getc(ttf)<<16;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2844:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ival = ival | getc(ttf)<<8;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2845:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*_ival = (int) (ival | getc(ttf));
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2867:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2869:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); /* Two byte number */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2871:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); getc(ttf); getc(ttf); getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2871:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); getc(ttf); getc(ttf); getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2871:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); getc(ttf); getc(ttf); getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2871:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); getc(ttf); getc(ttf); getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2874:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2875:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2877:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); /* Two byte operator */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:2993:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3002:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
subs->values[i][j] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3343:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3423:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
format = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3427:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3429:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
map->map[getc(ttf)] = i;
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3431:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3437:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
first = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3439:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
last = first + getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3453:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3455:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dupenc = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3554:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
format = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3561:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3584:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
format = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3587:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fdselect[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3592:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3622:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3643:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3953:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(ttf)!='\1' ) { /* Major version */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3958:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf); /* Minor version */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3959:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdrsize = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:3960:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4067:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
putc(getc(ttf),tmp);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4392:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4753:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (i < 256) table[i] = getc(ttf); else getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:4753:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (i < 256) table[i] = getc(ttf); else getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5124:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info->pfminfo.panose[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5134:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info->pfminfo.os2_vendor[0] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5135:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info->pfminfo.os2_vendor[1] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5136:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info->pfminfo.os2_vendor[2] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5137:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info->pfminfo.os2_vendor[3] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5196:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->xuid = malloc(strlen(xuid)+20);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5245:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5251:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nm[j] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:5256:4: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6354:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chosenname[strlen(chosenname)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6400:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( getc(cff)!='\1' ) { /* Major version */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6405:5: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(cff); /* Minor version */
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6406:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdrsize = getc(cff);
data/fontforge-20201107~dfsg/fontforge/parsettf.c:6407:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offsize = getc(cff);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:80:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[class[i]] += strlen(info->chars[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:87:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[class[i]] += strlen(info->chars[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:131:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( ret+len, " ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:133:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[i]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:191:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[glyphs[i]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:196:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:446:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
adjust->corrections[i] = (int8) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:1917:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = malloc(strlen(basename)+strlen(pt)+2);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:1917:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = malloc(strlen(basename)+strlen(pt)+2);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2043:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( info->chars[glyph2s[j]]->name) +1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2059:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pt," ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2061:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( *pt!='\0' && pt[strlen(pt)-1]==' ' )
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2062:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt[strlen(pt)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2164:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[lig_glyphs[k]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2177:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str,"_");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2179:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = str+strlen(str);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2190:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[lig_glyphs[k]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:2205:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3062:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->mark_class_names[i] = malloc((strlen(format_spec)+10));
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3081:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->mark_set_names[i] = malloc((strlen(format_spec)+10));
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3329:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(strlen(parent->lookup_name)+strlen(format)+10);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3329:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(strlen(parent->lookup_name)+strlen(format)+10);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3741:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sm->info->chars[sm->lig_comp_glyphs[j]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3751:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(comp," ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3870:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sm->info->chars[sm->lig_comp_glyphs[j]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:3877:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(comp," ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4124:38: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ent = ismorx ? getushort(ttf) : getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4218:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[st->classes2[i]] += strlen( info->chars[i]->name )+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4221:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[st->classes2[info->badgids[i]->orig_pos]] += strlen( info->badgids[i]->name )+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4225:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[st->classes[i-st->first_glyph]] += strlen( info->chars[i]->name )+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4235:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classes[st->classes2[i]]," ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4240:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classes[st->classes2[info->badgids[i]->orig_pos]]," ");
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4245:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classes[st->classes[i-st->first_glyph]]," " );
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4249:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(classes[i]);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4268:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[glyph]->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:4278:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(info->chars[glyph]->name);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5002:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
kv = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5003:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
kc->first_cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5004:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
kc->second_cnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5005:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
flags = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5019:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
class1[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5021:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
class2[i] = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5023:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
kc->offsets[i] = kvs[getc(ttf)];
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5358:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sc->name)+1;
data/fontforge-20201107~dfsg/fontforge/parsettfatt.c:5365:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sc->name);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:86:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.height = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:87:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.width = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:88:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:89:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:90:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:99:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* pad = */ getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:101:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.height = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:102:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.width = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:103:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:104:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:105:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:106:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:107:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:108:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:198:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ref->xoff = (int8) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:199:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ref->yoff = (int8) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:214:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:227:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:238:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:252:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:263:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:418:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.height = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:419:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.width = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:420:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:421:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:422:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:423:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:424:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:425:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:457:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.height = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:458:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.width = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:459:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:460:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:461:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.hadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:462:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingX = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:463:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vbearingY = (signed char) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:464:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
big.vadvance = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:524:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sizes[j].ascent = (int8)getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:525:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sizes[j].descent = (int8)getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:526:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( k=0; k<12-2; ++k ) getc(ttf); /* Horizontal Line Metrics */
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:527:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( k=0; k<12; ++k ) getc(ttf); /* Vertical Line Metrics */
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:530:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sizes[j].ppem = getc(ttf); /* X */
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:531:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( /* ppemY */ getc(ttf) != sizes[j].ppem )
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:533:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (sizes[j].depth = getc(ttf)) != 1 && sizes[j].depth!=2 &&
data/fontforge-20201107~dfsg/fontforge/parsettfbmf.c:536:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( /* flags */ !(getc(ttf)&1) ) /* !Horizontal */
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:233:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
runcnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:245:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
deltas[i++] = (int8) getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:262:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:266:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = getc(ttf)|((n&0x7f)<<8);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:273:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
runcnt = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:281:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
points[i++] = first = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/parsettfvar.c:283:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
points[i++] = (first += getc(ttf));
data/fontforge-20201107~dfsg/fontforge/print.c:132:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:139:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:146:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:148:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:150:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:152:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(pfb);
data/fontforge-20201107~dfsg/fontforge/print.c:393:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(sfbit->fontfile);
data/fontforge-20201107~dfsg/fontforge/print.c:398:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(sfbit->fontfile);
data/fontforge-20201107~dfsg/fontforge/print.c:404:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(sfbit->fontfile);
data/fontforge-20201107~dfsg/fontforge/print.c:1040:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(sfbit->fontfile))!=EOF )
data/fontforge-20201107~dfsg/fontforge/print.c:1439:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(sfbit->fontfile))!=EOF )
data/fontforge-20201107~dfsg/fontforge/print.c:2626:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(langbuf,lang,10);
data/fontforge-20201107~dfsg/fontforge/print.c:3024:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/print.c:3024:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/print.c:3035:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/print.c:3035:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/psread.c:240:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace( ch = getc(io->fog)));
data/fontforge-20201107~dfsg/fontforge/psread.c:251:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace( ch = getc(io->fog)));
data/fontforge-20201107~dfsg/fontforge/psread.c:280:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch = getc(io->ps))!=EOF )
data/fontforge-20201107~dfsg/fontforge/psread.c:1452:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stack[sp++].u.str = copyn(tokbuf+1,strlen(tokbuf)-2);
data/fontforge-20201107~dfsg/fontforge/psread.c:3252:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch = getc(ps)) );
data/fontforge-20201107~dfsg/fontforge/psread.c:3263:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(ps);
data/fontforge-20201107~dfsg/fontforge/python.c:1290:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PyTuple_SetItem(arglist,2,PyUnicode_DecodeUTF8(filename,strlen(filename),NULL));
data/fontforge-20201107~dfsg/fontforge/python.c:1313:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PyTuple_SetItem(arglist,2,PyUnicode_DecodeUTF8(filename,strlen(filename),NULL));
data/fontforge-20201107~dfsg/fontforge/python.c:1314:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PyTuple_SetItem(arglist,2,PyUnicode_DecodeUTF8(filename,strlen(filename),NULL));
data/fontforge-20201107~dfsg/fontforge/python.c:1497:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reto = PyUnicode_DecodeUTF8(ret,strlen(ret),NULL);
data/fontforge-20201107~dfsg/fontforge/python.c:1518:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reto = PyUnicode_DecodeUTF8(ret,strlen(ret),NULL);
data/fontforge-20201107~dfsg/fontforge/python.c:2220:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/python.c:2224:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforge/python.c:2226:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pt,">");
data/fontforge-20201107~dfsg/fontforge/python.c:3870:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/python.c:3874:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/python.c:3878:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforge/python.c:3881:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/python.c:3883:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pt,">");
data/fontforge-20201107~dfsg/fontforge/python.c:6473:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space_needed += strlen(self->sc->name);
data/fontforge-20201107~dfsg/fontforge/python.c:7327:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = PyUnicode_DecodeUTF8(out, strlen(out), NULL);
data/fontforge-20201107~dfsg/fontforge/python.c:7365:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return( PyUnicode_DecodeUTF8(self->sc->comment,strlen(self->sc->comment),NULL));
data/fontforge-20201107~dfsg/fontforge/python.c:7583:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(g->sc->name) + 1;
data/fontforge-20201107~dfsg/fontforge/python.c:7596:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(g->sc->name);
data/fontforge-20201107~dfsg/fontforge/python.c:7597:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pt," ");
data/fontforge-20201107~dfsg/fontforge/python.c:8718:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
deltalen = strlen(sc->name);
data/fontforge-20201107~dfsg/fontforge/python.c:8726:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
deltalen = strlen(str);
data/fontforge-20201107~dfsg/fontforge/python.c:8756:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/python.c:11210:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/python.c:13189:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( newv )>4 ) {
data/fontforge-20201107~dfsg/fontforge/python.c:13194:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sf->pfminfo.os2_vendor, newv, 4);
data/fontforge-20201107~dfsg/fontforge/python.c:13652:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(nm)==0 ) {
data/fontforge-20201107~dfsg/fontforge/python.c:14399:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(locfilename);
data/fontforge-20201107~dfsg/fontforge/python.c:16379:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
locfilename = malloc((strlen(fn)+10));
data/fontforge-20201107~dfsg/fontforge/python.c:19708:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arglist = PyTuple_New(strlen(argtypes));
data/fontforge-20201107~dfsg/fontforge/savefont.c:101:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+6), *pt, *pt2;
data/fontforge-20201107~dfsg/fontforge/savefont.c:138:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(filename)+strlen(sf->fontname)+4+1);
data/fontforge-20201107~dfsg/fontforge/savefont.c:138:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(filename)+strlen(sf->fontname)+4+1);
data/fontforge-20201107~dfsg/fontforge/savefont.c:156:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(filename)+8);
data/fontforge-20201107~dfsg/fontforge/savefont.c:179:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+6), *pt, *pt2;
data/fontforge-20201107~dfsg/fontforge/savefont.c:241:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+6), *pt, *pt2;
data/fontforge-20201107~dfsg/fontforge/savefont.c:299:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+6), *pt, *pt2;
data/fontforge-20201107~dfsg/fontforge/savefont.c:323:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+12), *pt;
data/fontforge-20201107~dfsg/fontforge/savefont.c:352:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(filename)+30), *pt, *pt2;
data/fontforge-20201107~dfsg/fontforge/savefont.c:382:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buf+strlen(buf);
data/fontforge-20201107~dfsg/fontforge/savefont.c:448:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(buffer,pfaeditflag,strlen(pfaeditflag))== 0 ) {
data/fontforge-20201107~dfsg/fontforge/savefont.c:453:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt=buffer+strlen(buffer)-1;
data/fontforge-20201107~dfsg/fontforge/savefont.c:469:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpt = realloc(bpt,strlen(bpt)+strlen(buffer)+10);
data/fontforge-20201107~dfsg/fontforge/savefont.c:469:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpt = realloc(bpt,strlen(bpt)+strlen(buffer)+10);
data/fontforge-20201107~dfsg/fontforge/savefont.c:475:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt=buffer+strlen(buffer)-1;
data/fontforge-20201107~dfsg/fontforge/savefont.c:638:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(newname)+strlen(names[subfont])+10);
data/fontforge-20201107~dfsg/fontforge/savefont.c:638:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(newname)+strlen(names[subfont])+10);
data/fontforge-20201107~dfsg/fontforge/savefont.c:651:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(names[subfont]);
data/fontforge-20201107~dfsg/fontforge/savefont.c:654:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( l=strlen(pt); l>=2 ; --l )
data/fontforge-20201107~dfsg/fontforge/savefont.c:661:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.fullname = malloc(strlen(temp.fullname)+strlen(names[subfont])+3);
data/fontforge-20201107~dfsg/fontforge/savefont.c:661:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.fullname = malloc(strlen(temp.fullname)+strlen(names[subfont])+3);
data/fontforge-20201107~dfsg/fontforge/savefont.c:663:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp.fullname," ");
data/fontforge-20201107~dfsg/fontforge/savefont.c:670:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.xuid = malloc(strlen(sf->xuid)+strlen(buf)+5);
data/fontforge-20201107~dfsg/fontforge/savefont.c:670:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.xuid = malloc(strlen(sf->xuid)+strlen(buf)+5);
data/fontforge-20201107~dfsg/fontforge/savefont.c:672:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = temp.xuid + strlen( temp.xuid )-1;
data/fontforge-20201107~dfsg/fontforge/savefont.c:677:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pt,"]");
data/fontforge-20201107~dfsg/fontforge/savefont.c:925:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( newname[strlen(newname)-1]=='.' ) {
data/fontforge-20201107~dfsg/fontforge/savefont.c:926:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(newname)+8);
data/fontforge-20201107~dfsg/fontforge/savefont.c:936:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( newname[strlen(newname)-1]=='.' ) {
data/fontforge-20201107~dfsg/fontforge/savefont.c:937:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(newname)+8);
data/fontforge-20201107~dfsg/fontforge/savefont.c:1047:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *end = filename+strlen(filename);
data/fontforge-20201107~dfsg/fontforge/savefont.c:1068:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( savefont_extensions[i])>0 &&
data/fontforge-20201107~dfsg/fontforge/savefont.c:1069:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end-filename>=(ptrdiff_t)strlen(savefont_extensions[i]) &&
data/fontforge-20201107~dfsg/fontforge/savefont.c:1070:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(end-strlen(savefont_extensions[i]),savefont_extensions[i])==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1073:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end-filename>8 && strmatch(end-strlen(".ttf.bin"),".ttf.bin")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1075:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>5 && strmatch(end-strlen(".suit"),".suit")==0 ) /* Different extensions for Mac/non Mac, support both always */
data/fontforge-20201107~dfsg/fontforge/savefont.c:1077:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>4 && strmatch(end-strlen(".bin"),".bin")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1079:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>4 && strmatch(end-strlen(".res"),".res")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1081:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>8 && strmatch(end-strlen(".sym.ttf"),".sym.ttf")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1083:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>8 && strmatch(end-strlen(".cid.cff"),".cid.cff")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1085:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>8 && strmatch(end-strlen(".cid.t42"),".cid.t42")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1087:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>7 && strmatch(end-strlen(".mm.pfa"),".mm.pfa")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1089:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>7 && strmatch(end-strlen(".mm.pfb"),".mm.pfb")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1091:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( end-filename>7 && strmatch(end-strlen(".mult"),".mult")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1097:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end-filename>(ptrdiff_t)strlen(bitmaps[i]) &&
data/fontforge-20201107~dfsg/fontforge/savefont.c:1098:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(end-strlen(bitmaps[i]),bitmaps[i])==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1110:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( i==ff_ttfdfont && strmatch(end-strlen(".otf.dfont"),".otf.dfont")==0 )
data/fontforge-20201107~dfsg/fontforge/savefont.c:1122:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
freeme = malloc(strlen(filename)+8);
data/fontforge-20201107~dfsg/fontforge/scripting.c:611:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->return_val.u.ival = strlen( c->a.vals[1].u.sval );
data/fontforge-20201107~dfsg/fontforge/scripting.c:642:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen( str2 );
data/fontforge-20201107~dfsg/fontforge/scripting.c:686:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen( str2 );
data/fontforge-20201107~dfsg/fontforge/scripting.c:697:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(arr->vals[i].u.sval) + len2;
data/fontforge-20201107~dfsg/fontforge/scripting.c:721:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = strlen( needle );
data/fontforge-20201107~dfsg/fontforge/scripting.c:722:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt=haystack+strlen(haystack)-nlen; pt>=haystack; --pt )
data/fontforge-20201107~dfsg/fontforge/scripting.c:743:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = c->a.argc==4? c->a.vals[3].u.ival : (int)strlen(str);
data/fontforge-20201107~dfsg/fontforge/scripting.c:744:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( start<0 || start>(int)strlen(str) || end<start || end>(int)strlen(str) )
data/fontforge-20201107~dfsg/fontforge/scripting.c:744:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( start<0 || start>(int)strlen(str) || end<start || end>(int)strlen(str) )
data/fontforge-20201107~dfsg/fontforge/scripting.c:1431:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( c->a.vals[2].u.ival<0 || c->a.vals[2].u.ival>(int)strlen( c->a.vals[1].u.sval) ) {
data/fontforge-20201107~dfsg/fontforge/scripting.c:1438:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(c->a.vals[1].u.sval);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1521:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(results[j])+2;
data/fontforge-20201107~dfsg/fontforge/scripting.c:1526:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(pt,results[0]); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1532:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(pt,results[j]); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1760:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->return_val.u.ival = fwrite(c->a.vals[1].u.sval,1,strlen(c->a.vals[1].u.sval),f);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1818:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *temp = malloc(strlen(filename)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1818:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *temp = malloc(strlen(filename)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1836:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1837:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1838:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1839:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1841:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* ch5 */ (void)getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:1842:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* ch6 */ (void)getc(foo);
data/fontforge-20201107~dfsg/fontforge/scripting.c:2069:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = strlen(needle), hlen = strlen(haystack);
data/fontforge-20201107~dfsg/fontforge/scripting.c:2069:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = strlen(needle), hlen = strlen(haystack);
data/fontforge-20201107~dfsg/fontforge/scripting.c:2338:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:3376:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = tstr+strlen(tstr);
data/fontforge-20201107~dfsg/fontforge/scripting.c:3415:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = tstr+strlen(tstr);
data/fontforge-20201107~dfsg/fontforge/scripting.c:3444:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = tstr+strlen(tstr);
data/fontforge-20201107~dfsg/fontforge/scripting.c:3470:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = tstr+strlen(tstr);
data/fontforge-20201107~dfsg/fontforge/scripting.c:3818:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strlen(c->a.vals[2].u.sval)>4 )
data/fontforge-20201107~dfsg/fontforge/scripting.c:6047:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(c->a.vals[1].u.sval)>4 || *c->a.vals[1].u.sval=='\0' )
data/fontforge-20201107~dfsg/fontforge/scripting.c:9220:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return getc(script);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9243:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((ch = getc(c->script)) < 0) {
data/fontforge-20201107~dfsg/fontforge/scripting.c:9270:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return getc(c->script);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9774:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sub.filename = strcpy(malloc(strlen(c->filename)+strlen(name)+4),c->filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9774:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sub.filename = strcpy(malloc(strlen(c->filename)+strlen(name)+4),c->filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9782:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sub.filename = strcpy(malloc(strlen(name)+4),name);
data/fontforge-20201107~dfsg/fontforge/scripting.c:9783:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = sub.filename + strlen(sub.filename);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10310:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(val->u.sval)+strlen(temp)+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10310:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(val->u.sval)+strlen(temp)+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10539:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(val->u.lval->u.sval)+strlen(temp)+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10539:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(val->u.lval->u.sval)+strlen(temp)+1);
data/fontforge-20201107~dfsg/fontforge/scripting.c:10802:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(former))>=0 ) {
data/fontforge-20201107~dfsg/fontforge/scripting.c:10877:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(string,1,strlen(string),c.script);
data/fontforge-20201107~dfsg/fontforge/scstyles.c:2070:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,".");
data/fontforge-20201107~dfsg/fontforge/search.c:1378:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namebuf = malloc(strlen(base->name)+20);
data/fontforge-20201107~dfsg/fontforge/search.c:1393:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret->comment = malloc( strlen(reason)+strlen(ret->name)+strlen(morereason) + 2 );
data/fontforge-20201107~dfsg/fontforge/search.c:1393:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret->comment = malloc( strlen(reason)+strlen(ret->name)+strlen(morereason) + 2 );
data/fontforge-20201107~dfsg/fontforge/search.c:1393:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret->comment = malloc( strlen(reason)+strlen(ret->name)+strlen(morereason) + 2 );
data/fontforge-20201107~dfsg/fontforge/sfd.c:179:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int lastread = getc(stream);
data/fontforge-20201107~dfsg/fontforge/sfd.c:181:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
pos1 ++; lastread = getc(stream);
data/fontforge-20201107~dfsg/fontforge/sfd.c:402:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch=getc(sfd);
data/fontforge-20201107~dfsg/fontforge/sfd.c:405:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(sfd);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1815:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1817:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1825:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest,name,7);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1829:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest,name,4);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1835:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest,name,5);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1891:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *glyphfile = malloc(strlen(dirname)+2*strlen(bdf->glyphs[i]->sc->name)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1891:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *glyphfile = malloc(strlen(dirname)+2*strlen(bdf->glyphs[i]->sc->name)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:1925:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(private->values[i]));
data/fontforge-20201107~dfsg/fontforge/sfd.c:2026:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(mn->name) );
data/fontforge-20201107~dfsg/fontforge/sfd.c:2501:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, "%d %s\n", (int) strlen(sf->mark_classes[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2513:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, "%d %s\n", (int) strlen(sf->mark_sets[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2530:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " %d %s\n", (int)strlen(kc->firsts[0]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2533:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " %d %s\n", (int)strlen(kc->firsts[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2536:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " %d %s\n", (int)strlen(kc->seconds[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2589:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " Class0: %d %s\n", (int)strlen(fpst->nclass[0]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2592:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " Class: %d %s\n", (int)strlen(fpst->nclass[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2595:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " BClass: %d %s\n", (int)strlen(fpst->bclass[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2598:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " FClass: %d %s\n", (int)strlen(fpst->fclass[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2604:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.glyph.names),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2608:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.glyph.back),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2614:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.glyph.fore),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2636:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.coverage.ncovers[j]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2640:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.coverage.bcovers[j]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2644:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.coverage.fcovers[j]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2664:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fpst->rules[i].u.rcoverage.replacements),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2708:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf( sfd, " Class: %d %s\n", (int)strlen(sm->classes[i]),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2728:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(sm->state[i].u.insert.mark_ins),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2734:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(sm->state[i].u.insert.cur_ins),
data/fontforge-20201107~dfsg/fontforge/sfd.c:2870:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *subfont = malloc(strlen(dirname)+1+strlen(sf->subfonts[i]->fontname)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2870:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *subfont = malloc(strlen(dirname)+1+strlen(sf->subfonts[i]->fontname)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2875:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontprops = malloc(strlen(subfont)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2875:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontprops = malloc(strlen(subfont)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2925:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *glyphfile = malloc(strlen(dirname)+2*strlen(sf->glyphs[i]->name)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2925:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *glyphfile = malloc(strlen(dirname)+2*strlen(sf->glyphs[i]->name)+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2948:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *strike = malloc(strlen(dirname)+1+20+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2953:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strikeprops = malloc(strlen(strike)+strlen("/" STRIKE_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2953:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strikeprops = malloc(strlen(strike)+strlen("/" STRIKE_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2973:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *instance = malloc(strlen(dirname)+1+10+20);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2982:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontprops = malloc(strlen(instance)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:2982:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontprops = malloc(strlen(instance)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3101:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = malloc(strlen(filename)+1+NAME_MAX+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3136:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = malloc(strlen(filename)+1+NAME_MAX+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3137:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
markerfile = malloc(strlen(filename)+2+2*NAME_MAX+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3171:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempfilename = malloc(strlen(filename)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3171:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempfilename = malloc(strlen(filename)+strlen("/" FONT_PROPS)+1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3275:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(filename)+10);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3278:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2 = malloc(strlen(filename)+10);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3282:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"~");
data/fontforge-20201107~dfsg/fontforge/sfd.c:3320:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(filename)+40);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3343:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(sfd);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3565:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch1=getc(dec->sfd)));
data/fontforge-20201107~dfsg/fontforge/sfd.c:3570:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch2=getc(dec->sfd)));
data/fontforge-20201107~dfsg/fontforge/sfd.c:3571:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch3=getc(dec->sfd)));
data/fontforge-20201107~dfsg/fontforge/sfd.c:3572:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch4=getc(dec->sfd)));
data/fontforge-20201107~dfsg/fontforge/sfd.c:3573:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch5=getc(dec->sfd)));
data/fontforge-20201107~dfsg/fontforge/sfd.c:3829:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int backlen = strlen(end_tt_instrs);
data/fontforge-20201107~dfsg/fontforge/sfd.c:3945:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int backlen = strlen(end_tt_instrs);
data/fontforge-20201107~dfsg/fontforge/sfd.c:4991:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( !strnmatch( line, *tp, strlen( *tp ))) {
data/fontforge-20201107~dfsg/fontforge/sfd.c:5008:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tok,ttok,sizeof(tok)-1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:5121:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tok,ttok,sizeof(tok)-1);
data/fontforge-20201107~dfsg/fontforge/sfd.c:5277:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( !strnmatch( line, "StartChar:", strlen( "StartChar:" ))) {
data/fontforge-20201107~dfsg/fontforge/sfd.c:5280:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen("StartChar:");
data/fontforge-20201107~dfsg/fontforge/sfd.c:6041:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( tok[strlen(tok)-1]=='"' ) tok[strlen(tok)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/sfd.c:6041:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( tok[strlen(tok)-1]=='"' ) tok[strlen(tok)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/sfd.c:6261:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(strlen(dirname)+NAME_MAX+3);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7047:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(buffer,endtok,strlen(endtok))==0 )
data/fontforge-20201107~dfsg/fontforge/sfd.c:7054:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7130:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(strlen(dirname)+NAME_MAX+3);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7131:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
props = malloc(strlen(dirname)+2*NAME_MAX+4);
data/fontforge-20201107~dfsg/fontforge/sfd.c:7425:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen( name );
data/fontforge-20201107~dfsg/fontforge/sfd.c:9399:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer+6) > 70) {
data/fontforge-20201107~dfsg/fontforge/sfd1.c:465:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lac->ac.name = malloc(strlen(ac->ac.name)+strlen(format)+1);
data/fontforge-20201107~dfsg/fontforge/sfd1.c:465:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lac->ac.name = malloc(strlen(ac->ac.name)+strlen(format)+1);
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1297:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(dir)+strlen(sf->fontname)+100);
data/fontforge-20201107~dfsg/fontforge/sflayout.c:1297:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(dir)+strlen(sf->fontname)+100);
data/fontforge-20201107~dfsg/fontforge/splinechar.c:1545:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(sc->name)>31 )
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1469:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(aa,sf->fontname,sizeof(aa)-strlen(aa)-1);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1469:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(aa,sf->fontname,sizeof(aa)-strlen(aa)-1);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1628:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(aa,sf->fontname,sizeof(aa)-strlen(aa)-1);
data/fontforge-20201107~dfsg/fontforge/splinefill.c:1628:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(aa,sf->fontname,sizeof(aa)-strlen(aa)-1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:415:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = malloc(10*strlen(string)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:436:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:455:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = malloc(10*strlen(string)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:476:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:678:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:697:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:713:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:832:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archivedir = malloc(strlen(dir)+100);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:839:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
listfile = malloc(strlen(archivedir)+strlen("/" TOC_NAME)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:839:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
listfile = malloc(strlen(archivedir)+strlen("/" TOC_NAME)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:842:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
listcommand = malloc( strlen(archivers[i].unarchive) + 1 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:843:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( archivers[i].listargs) + 1 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:844:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( name ) + 3 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:845:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( listfile ) +4 );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:864:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unarchivecmd = malloc( strlen(archivers[i].unarchive) + 1 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:865:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( archivers[i].listargs) + 1 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:866:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( name ) + 1 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:867:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( desiredfile ) + 3 +
data/fontforge-20201107~dfsg/fontforge/splinefont.c:868:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( archivedir ) + 30 );
data/fontforge-20201107~dfsg/fontforge/splinefont.c:879:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
finalfile = malloc( strlen(archivedir) + 1 + strlen(desiredfile) + 1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:879:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
finalfile = malloc( strlen(archivedir) + 1 + strlen(desiredfile) + 1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:904:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpfn = malloc(strlen(dir)+strlen(GFileNameTail(name))+2);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:904:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpfn = malloc(strlen(dir)+strlen(GFileNameTail(name))+2);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:906:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmpfn,"/");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:998:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1011:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chosenname[strlen(chosenname)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1030:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fullname = malloc(strlen(strippedname)+strlen(paren)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1030:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fullname = malloc(strlen(strippedname)+strlen(paren)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1066:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fullname = malloc(strlen(strippedname)+strlen(paren)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1066:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fullname = malloc(strlen(strippedname)+strlen(paren)+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1075:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(ubuf,_("Loading font from "),sizeof(ubuf)-1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1076:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ubuf);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1078:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ubuf,temp = def2utf8_copy(GFileNameTail(fullname)),100);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1080:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ubuf,temp = def2utf8_copy(GFileNameTail(fname)),100);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1107:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *temp = malloc(strlen(strippedname)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1107:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *temp = malloc(strlen(strippedname)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1126:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1127:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1128:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1129:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1130:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch5 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1131:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch6 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1132:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch7 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1135:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch9 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1136:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch10 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1198:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (( strmatch(fullname+strlen(fullname)-4, ".sfd")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1199:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-5, ".sfd~")==0 ) && checked!='f' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1202:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (( strmatch(fullname+strlen(fullname)-4, ".ttf")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1203:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(strippedname)-4, ".ttc")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1204:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".gai")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1205:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".otf")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1206:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".otb")==0 ) && checked!='t') {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1208:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(strippedname)-4, ".svg")==0 && checked!='S' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1210:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-4, ".ufo")==0 && checked!='u' ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1211:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-5, ".ufo2")==0 && checked!='u' ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1212:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-5, ".ufo3")==0 && checked!='u' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1214:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-4, ".bdf")==0 && checked!='b' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1216:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-2, "pk")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1218:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-2, "gf")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1220:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-4, ".pcf")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1221:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".pmf")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1226:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(strippedname)-4, ".bin")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1227:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(strippedname)-4, ".hqx")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1228:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(strippedname)-6, ".dfont")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1230:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(strippedname)-4, ".fon")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1231:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(strippedname)-4, ".fnt")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1233:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(strippedname)-4, ".pdb")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1235:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( (strmatch(fullname+strlen(fullname)-4, ".pfa")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1236:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".pfb")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1237:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".pf3")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1238:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".cid")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1239:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".gsf")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1240:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-4, ".pt3")==0 ||
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1241:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strmatch(fullname+strlen(fullname)-3, ".ps")==0 ) && checked!='p' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1243:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-4, ".cff")==0 && checked!='c' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1245:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-3, ".mf")==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1247:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(strippedname+strlen(strippedname)-4, ".pdf")==0 && checked!='P' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1249:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strmatch(fullname+strlen(fullname)-3, ".ik")==0 && checked!='i' ) {
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1271:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
norm->origname = malloc(strlen(fname)+strlen(sf->chosenname)+8);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1271:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
norm->origname = malloc(strlen(fname)+strlen(sf->chosenname)+8);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1273:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(norm->origname,"(");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1275:10: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(norm->origname,")");
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1358:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tobefreed1 = malloc(strlen(filename)+8);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1360:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ept = tobefreed1+strlen(tobefreed1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1446:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(space,fullmods[i][j],sizeof(space)-1);
data/fontforge-20201107~dfsg/fontforge/splinefont.c:1858:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer += strlen(buffer);
data/fontforge-20201107~dfsg/fontforge/splinefont.h:2700:30: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define SWITCH_TO_C_LOCALE() strncpy( oldloc,setlocale(LC_NUMERIC,NULL),24 ); oldloc[24]='\0'; setlocale(LC_NUMERIC,"C");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:73:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && ch!='\r' && ch!='\n' && pt<end )
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:79:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:149:8: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if ( sscanf( pt, "; N %40s", name )==1 )
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:152:4: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf( pt, "; L %40s %40s", second, lig)==2 ) {
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:189:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(amfm_filename)+strlen(fontname)+strlen(".afm")+1);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:189:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(amfm_filename)+strlen(fontname)+strlen(".afm")+1);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:189:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(amfm_filename)+strlen(fontname)+strlen(".afm")+1);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:195:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:233:14: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
} else if ( sscanf(buffer,"FontName %256s", lastname )== 1 ) {
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:236:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen("WeightVector");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:259:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = malloc(strlen(psname)+6);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:262:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==NULL ) pt = new+strlen(new);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:320:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *components = malloc(strlen(sc1->name)+strlen(sc2->name)+2);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:320:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *components = malloc(strlen(sc1->name)+strlen(sc2->name)+2);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:322:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(components," ");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:421:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sf->glyphs[map->map[i]]->name)+1;
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:438:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(components," ");
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:568:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* width = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:569:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
height = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:571:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ictag = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:574:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
left = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:821:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
height = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:822:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
depth = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:823:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ictag = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:824:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tag = getc(file)&0x3; /* Remaining 6 bytes are "reserved for future use" I think */
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:861:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1283:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(start,"uni",3)==0 && (strlen(start)-3)%4==0 ) {
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1371:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( this->base->name ) +1;
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1373:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( cca->accent->name ) +1;
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1376:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = ret + strlen(ret);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1380:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = pt + strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1947:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lig->u.lig.components = malloc(strlen(sublig->name)+
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:1948:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(l->components->next->sc->name)+
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2026:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2115:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(pfm);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2116:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( (getc(pfm)<<8)|ch1 );
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2121:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(pfm);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2122:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(pfm);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2123:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(pfm);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2124:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( (getc(pfm)<<24)|(ch3<<16)|(ch2<<8)|ch1 );
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2494:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<60; ++i ) getc(file); /* Skip the copyright */
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2502:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* italic = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2503:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* underline = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2504:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* strikeout = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2506:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
encoding = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2509:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* family = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2512:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* first = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2513:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* last = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2514:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* space = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2515:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
/* word break = */ getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2523:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2546:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2547:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2664:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:2996:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc(strlen(sf->fontname)+10);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3001:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.encoding[0] = strlen(encname);
data/fontforge-20201107~dfsg/fontforge/splinesaveafm.c:3010:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.family[0] = strlen(familyname);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:119:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:120:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (ret=malloc(len1+strlen(str2)+1))!=NULL ) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:129:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1), len2 = strlen(str2);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:129:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1), len2 = strlen(str2);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:130:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (ret=malloc(len1+len2+strlen(str3)+1))!=NULL ) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2347:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt=ret=malloc(strlen(str)+1);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:2397:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6713:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(input, "public.kern", strlen("public.kern")) == 0) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6714:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int off1 = strlen("public.kern");
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6721:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(input, "public.vkern", strlen("public.vkern")) == 0) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6723:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int off1 = strlen("public.vkern");
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6730:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(input, "@MMK_", strlen("@MMK_")) == 0) {
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6731:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int off1 = strlen("@MMK_");
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6787:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t output_length = strlen(input);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6804:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t output_length = strlen(input);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:6817:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t output_length = strlen(input);
data/fontforge-20201107~dfsg/fontforge/splineutil.c:7931:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(str);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2924:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sf->pfminfo.os2_vendor,TTFFoundry,4);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:2967:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sf->xuid = malloc(strlen(xuid)+20);
data/fontforge-20201107~dfsg/fontforge/splineutil2.c:3020:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new,sf->xuid,pt-sf->xuid);
data/fontforge-20201107~dfsg/fontforge/svg.c:157:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ch = hash[strlen(hash)-1];
data/fontforge-20201107~dfsg/fontforge/svg.c:158:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ch==']' ) hash[strlen(hash)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/svg.c:160:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ch==']' ) hash[strlen(hash)] = ch;
data/fontforge-20201107~dfsg/fontforge/svg.c:164:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ch = hasv[strlen(hasv)-1];
data/fontforge-20201107~dfsg/fontforge/svg.c:165:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ch==']' ) hasv[strlen(hasv)-1] = '\0';
data/fontforge-20201107~dfsg/fontforge/svg.c:167:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ch==']' ) hasv[strlen(hasv)] = ch;
data/fontforge-20201107~dfsg/fontforge/svg.c:194:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( lineout+strlen(buffer)>=255 ) { putc('\n',file); lineout = 0; }
data/fontforge-20201107~dfsg/fontforge/svg.c:196:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lineout += strlen( buffer );
data/fontforge-20201107~dfsg/fontforge/svg.c:209:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy( buffer, "z");
data/fontforge-20201107~dfsg/fontforge/svg.c:235:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( lineout+strlen(buffer)>=255 ) { putc('\n',file); lineout = 0; }
data/fontforge-20201107~dfsg/fontforge/svg.c:237:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lineout += strlen( buffer );
data/fontforge-20201107~dfsg/fontforge/svg.c:424:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(imgf);
data/fontforge-20201107~dfsg/fontforge/svg.c:430:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(imgf);
data/fontforge-20201107~dfsg/fontforge/svg.c:2283:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( (char *) name)==4 ) {
data/fontforge-20201107~dfsg/fontforge/svg.c:2287:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strlen( (char *) name)==7 ) {
data/fontforge-20201107~dfsg/fontforge/svg.c:3001:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 += strlen(chars[len]->name)+1;
data/fontforge-20201107~dfsg/fontforge/svg.c:3015:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/svg.c:3064:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(temp->name)+1;
data/fontforge-20201107~dfsg/fontforge/svg.c:3068:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
names = pt = malloc(len+(g!=NULL?strlen((char *)g):0)+1);
data/fontforge-20201107~dfsg/fontforge/svg.c:3074:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforge/svg.c:3392:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sf->xuid = malloc(strlen(xuid)+20);
data/fontforge-20201107~dfsg/fontforge/svg.c:3639:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doc = xmlParseMemory(data,strlen(data));
data/fontforge-20201107~dfsg/fontforge/svg.c:3709:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( oldloc,setlocale(LC_NUMERIC,NULL),24 );
data/fontforge-20201107~dfsg/fontforge/tottf.c:550:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/tottf.c:551:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/tottf.c:552:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/tottf.c:553:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/tottf.c:628:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (( ch = getc(other))!=EOF )
data/fontforge-20201107~dfsg/fontforge/tottf.c:1728:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc('\1'+strlen(sf->fontname),cfff);
data/fontforge-20201107~dfsg/fontforge/tottf.c:2285:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen, shlen, glen,enclen,csetlen,cstrlen,prvlen;
data/fontforge-20201107~dfsg/fontforge/tottf.c:2349:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen, shlen, glen,csetlen,cstrlen,fdsellen,fdarrlen,prvlen;
data/fontforge-20201107~dfsg/fontforge/tottf.c:2394:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !ttfcopyfile(at->cfff,at->globalsubrs,base+strlen,"CFF-GlobalSubrs")) at->error = true;
data/fontforge-20201107~dfsg/fontforge/tottf.c:3415:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(os2->achVendID,sf->pfminfo.os2_vendor,4);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3417:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(os2->achVendID,TTFFoundry,4);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3748:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putc(strlen(str),file);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3749:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(str,sizeof(char),strlen(str),file);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3891:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ne->len = strlen(macname);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3933:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outlen = 3*strlen(utf8name)+10;
data/fontforge-20201107~dfsg/fontforge/tottf.c:3940:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ne->len = strlen(space);
data/fontforge-20201107~dfsg/fontforge/tottf.c:3967:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ne->len = strlen(mn->name);
data/fontforge-20201107~dfsg/fontforge/tottf.c:5899:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *newname = malloc(strlen(fontname)+10);
data/fontforge-20201107~dfsg/fontforge/tottf.c:5908:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( e==NULL ) e = newname+strlen(newname);
data/fontforge-20201107~dfsg/fontforge/tottf.c:5979:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(cff,"%%%%BeginData: %ld Binary Bytes\n", (long) (len+strlen(buffer)) );
data/fontforge-20201107~dfsg/fontforge/tottf.c:6135:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(temp);
data/fontforge-20201107~dfsg/fontforge/tottf.c:6645:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( len=0; len<tab->length && (ch1=getc(tab->data))!=EOF && (ch2=getc(ttc))!=EOF; ++len ) {
data/fontforge-20201107~dfsg/fontforge/tottf.c:6645:69: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( len=0; len<tab->length && (ch1=getc(tab->data))!=EOF && (ch2=getc(ttc))!=EOF; ++len ) {
data/fontforge-20201107~dfsg/fontforge/tottf.c:6793:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(all[cnt].maxpf))!=EOF )
data/fontforge-20201107~dfsg/fontforge/tottf.c:6878:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (val=getc(ttf))!=EOF )
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:744:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:1435:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:2119:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==NULL ) pt = names+strlen(names);
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:2170:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==NULL ) pt = names+strlen(names);
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:2171:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt-names!=strlen(sc->name))
data/fontforge-20201107~dfsg/fontforge/tottfgpos.c:3473:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ch, match, slen = strlen(name);
data/fontforge-20201107~dfsg/fontforge/ttf.h:456:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16 strlen;
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:303:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int icnt=0, imax=strlen(text)/2, val, temp;
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:452:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strnmatch(pt,ff_ttf_instrnames[i],end-pt)==0 && end-pt==strlen(ff_ttf_instrnames[i]))
data/fontforge-20201107~dfsg/fontforge/ttfinstrs.c:555:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:80:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
putshort(fcmt,strlen(text));
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:144:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(sc->comment)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:189:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(sf->cvt_names[i])+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:288:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_info += strlen(otl->lookup_name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:300:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_info += strlen(subs->subtable_name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:321:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_info += strlen(ac->name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:401:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_off += strlen(ss->contour_name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:577:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namestart += strlen(pn->name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:623:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen += strlen( vs[i].name )+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:625:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen += strlen( hs[i].name )+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:784:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_off += strlen("Spiro")+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:791:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( l==ly_fore ) name_off += strlen("Old_");
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:792:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_off += strlen(sf->layers[l].name)+1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:896:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:919:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(ttf))!='\0' && ch!=EOF )
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:923:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(ttf))!='\0' && ch!=EOF )
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:969:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*pt++ = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:1128:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return( (float) (signed char) getc(ttf) );
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:1148:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
verb = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:1160:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
verb = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:1269:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(ttf);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:1996:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( bdf->props[i].u.atom ) + 1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2008:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( bdf->props[i].u.atom ) + 1;
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2067:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(atomoff[k].name,1,strlen(atomoff[k].name)+1,strings);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2073:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(bdf->props[j].name,1,strlen(bdf->props[j].name)+1,strings);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2084:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(str,1,strlen(str)+1,strings);
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2123:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( len=1; (ch=getc(ttf))>0 ; ++len );
data/fontforge-20201107~dfsg/fontforge/ttfspecial.c:2126:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(ttf))>0 )
data/fontforge-20201107~dfsg/fontforge/ufo.c:84:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fname = malloc(strlen(basedir)+strlen(sub)+2);
data/fontforge-20201107~dfsg/fontforge/ufo.c:84:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fname = malloc(strlen(basedir)+strlen(sub)+2);
data/fontforge-20201107~dfsg/fontforge/ufo.c:87:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( fname[strlen(fname)-1]!='/' )
data/fontforge-20201107~dfsg/fontforge/ufo.c:88:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fname,"/");
data/fontforge-20201107~dfsg/fontforge/ufo.c:144:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(input) == 2) &&
data/fontforge-20201107~dfsg/fontforge/ufo.c:163:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefix_length = strlen(prefix);
data/fontforge-20201107~dfsg/fontforge/ufo.c:164:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t max_length = 255 - prefix_length - strlen(suffix);
data/fontforge-20201107~dfsg/fontforge/ufo.c:165:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t input_length = strlen(input);
data/fontforge-20201107~dfsg/fontforge/ufo.c:228:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:228:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:228:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:230:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name_base[(255 - strlen(suffix))] = '\0';
data/fontforge-20201107~dfsg/fontforge/ufo.c:231:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name_base = realloc(full_name_base, ((255 - strlen(prefix) - strlen(suffix)) + 1));
data/fontforge-20201107~dfsg/fontforge/ufo.c:231:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name_base = realloc(full_name_base, ((255 - strlen(prefix) - strlen(suffix)) + 1));
data/fontforge-20201107~dfsg/fontforge/ufo.c:237:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - 15 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:237:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - 15 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:237:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > (255 - 15 - strlen(prefix) - strlen(suffix))) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:239:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_base[(255 - 15 - strlen(suffix))] = '\0';
data/fontforge-20201107~dfsg/fontforge/ufo.c:240:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_base = realloc(name_base, ((255 - 15 - strlen(prefix) - strlen(suffix)) + 1));
data/fontforge-20201107~dfsg/fontforge/ufo.c:240:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_base = realloc(name_base, ((255 - 15 - strlen(prefix) - strlen(suffix)) + 1));
data/fontforge-20201107~dfsg/fontforge/ufo.c:449:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t main_size = strlen(value) +
data/fontforge-20201107~dfsg/fontforge/ufo.c:450:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, "<") * (strlen("<")-strlen("<"))) +
data/fontforge-20201107~dfsg/fontforge/ufo.c:450:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, "<") * (strlen("<")-strlen("<"))) +
data/fontforge-20201107~dfsg/fontforge/ufo.c:451:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, ">") * (strlen(">")-strlen("<"))) +
data/fontforge-20201107~dfsg/fontforge/ufo.c:451:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, ">") * (strlen(">")-strlen("<"))) +
data/fontforge-20201107~dfsg/fontforge/ufo.c:452:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, "&") * (strlen("&")-strlen("<")));
data/fontforge-20201107~dfsg/fontforge/ufo.c:452:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(count_occurrence(value, "&") * (strlen("&")-strlen("<")));
data/fontforge-20201107~dfsg/fontforge/ufo.c:458:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos1 += strlen("<");
data/fontforge-20201107~dfsg/fontforge/ufo.c:461:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos1 += strlen(">");
data/fontforge-20201107~dfsg/fontforge/ufo.c:464:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos1 += strlen("&");
data/fontforge-20201107~dfsg/fontforge/ufo.c:1229:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lastdash && strlen(lastdash) > 2)
data/fontforge-20201107~dfsg/fontforge/ufo.c:1243:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
styleMapFamily = malloc(strlen(preferredFamilyName)+strlen(preferredSubfamilyName)+2);
data/fontforge-20201107~dfsg/fontforge/ufo.c:1243:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
styleMapFamily = malloc(strlen(preferredFamilyName)+strlen(preferredSubfamilyName)+2);
data/fontforge-20201107~dfsg/fontforge/ufo.c:1245:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(styleMapFamily, " ");
data/fontforge-20201107~dfsg/fontforge/ufo.c:2154:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!='<' && ch!=EOF );
data/fontforge-20201107~dfsg/fontforge/ufo.c:2157:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!=EOF && isspace(ch) );
data/fontforge-20201107~dfsg/fontforge/ufo.c:2161:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforge/ufo.c:2167:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( isspace(ch)) ch=getc(file);
data/fontforge-20201107~dfsg/fontforge/ufo.c:2171:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(file))!='<' && ch!=EOF && pt<buffer+1000)
data/fontforge-20201107~dfsg/fontforge/ufo.c:3272:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_char_pos += strlen(delimited_names + name_char_pos);
data/fontforge-20201107~dfsg/fontforge/ufo.c:3573:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
member_list_length += strlen(keyname) + 1; member_count++; // Make space for its name.
data/fontforge-20201107~dfsg/fontforge/ufo.c:3586:62: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (member_native_current != members_native) strcat(current_group->glyphs, " ");
data/fontforge-20201107~dfsg/fontforge/ufo.c:3903:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt+1+strlen(valName)<end ) {
data/fontforge-20201107~dfsg/fontforge/ufo.c:3907:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforge/ufo.c:4135:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sf->pfminfo.os2_vendor,valname,valname_len);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:164:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:165:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:171:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:172:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:173:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch3 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:174:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch4 = getc(f);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:205:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.copyright[i] = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:218:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.italic = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:219:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.underline = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:220:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.strikeout = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:222:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.charset = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:225:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.pitchfamily = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:228:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.firstchar = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:229:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.lastchar = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:230:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.defchar = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:231:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fntheader.breakchar = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:237:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(fnt); /* Not documented in the v2 spec but seems to be present */
data/fontforge-20201107~dfsg/fontforge/winfonts.c:247:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:278:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; (ch=getc(fnt))!=EOF && ch!=0; ++i );
data/fontforge-20201107~dfsg/fontforge/winfonts.c:282:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; (ch=getc(fnt))!=EOF && ch!=0; ++i )
data/fontforge-20201107~dfsg/fontforge/winfonts.c:288:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp," ");
data/fontforge-20201107~dfsg/fontforge/winfonts.c:349:44: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bdfc->bitmap[k*bdfc->bytes_per_line+j] = getc(fnt);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:399:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for ( i=0; i<34; ++i ) getc(fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:633:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(font->sf->familyname,1,strlen(font->sf->familyname)+1,file);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:827:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c = fgetc(fntarray[i])) != 0 && c != EOF)
data/fontforge-20201107~dfsg/fontforge/winfonts.c:832:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontdir_len += 0x74 + strlen(name) + 1;
data/fontforge-20201107~dfsg/fontforge/winfonts.c:837:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(non_resident_name + strlen(non_resident_name), ",%d", point_size);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:845:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
non_resident_name_len = strlen(non_resident_name) + 4;
data/fontforge-20201107~dfsg/fontforge/winfonts.c:854:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resident_name_len = strlen(resident_name) + 4;
data/fontforge-20201107~dfsg/fontforge/winfonts.c:977:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fputc(strlen("FONTDIR"), fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:978:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite("FONTDIR", strlen("FONTDIR"), 1, fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:979:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fputc(strlen(resident_name), fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:980:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(resident_name, strlen(resident_name), 1, fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:986:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fputc(strlen(non_resident_name), fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:987:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(non_resident_name, strlen(non_resident_name), 1, fon);
data/fontforge-20201107~dfsg/fontforge/winfonts.c:1021:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c = fgetc(fntarray[i])) != 0 && c != EOF)
data/fontforge-20201107~dfsg/fontforge/winfonts.c:1024:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(name, strlen(name) + 1, 1, fon);
data/fontforge-20201107~dfsg/fontforge/woff.c:52:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(from);
data/fontforge-20201107~dfsg/fontforge/woff.c:520:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int uncomplen = strlen(sf->woffMetadata);
data/fontforge-20201107~dfsg/fontforge/woff.c:585:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(fp) != EOF) {
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:171:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapdlg.c:178:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:208:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:209:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(buf+strlen(buf), uniname);
data/fontforge-20201107~dfsg/fontforgeexe/bitmapview.c:653:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
refinfo = malloc(strlen(ref->bdfc->sc->name) + 30);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:194:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:203:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:673:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1807:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(StdGlyphName(buffer,*pt,ui_none,(NameList *)-1))+1;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1811:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( temp );
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1830:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name), uni;
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1841:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
components = realloc(components,strlen(components) + strlen(next) + 2);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1841:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
components = realloc(components,strlen(components) + strlen(next) + 2);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:1843:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(components," ");
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3715:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long len = strlen(inp);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3748:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lblbuf = malloc(strlen(lblprefix)+strlen(inp_l)+1);
data/fontforge-20201107~dfsg/fontforgeexe/charinfo.c:3748:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lblbuf = malloc(strlen(lblprefix)+strlen(inp_l)+1);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:1961:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buf+strlen(buf);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2274:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ubuf," ");
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:2285:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(ubuf+strlen(ubuf),"#%d", ap->lig_index);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:3586:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( t->charselected,
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4054:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(layername,_("Guide"),layernamesz);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:4058:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(layername,cv->b.sc->parent->layers[idx].name,layernamesz);
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:5804:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer)*cv->sfh;
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:7520:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( txt && strlen(txt) > 1 )
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12781:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( t->tablabeltxt, txt, charviewtab_charselectedsz );
data/fontforge-20201107~dfsg/fontforgeexe/charview.c:12797:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( strlen(txt) > 1 )
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:79:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line = pt = malloc((strlen(sc->name)+13+3*strlen(pst->u.lig.components)));
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:79:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line = pt = malloc((strlen(sc->name)+13+3*strlen(pst->u.lig.components)));
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:81:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:88:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(pt," ⇐ "); pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:97:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:532:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buffer,kern->ac->name,sizeof(buffer)-strlen(buffer)-1);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:532:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buffer,kern->ac->name,sizeof(buffer)-strlen(buffer)-1);
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:995:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(buffer+strlen(buffer)-4, "????");
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:996:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " + %.20s %d U+%04x",
data/fontforge-20201107~dfsg/fontforgeexe/combinations.c:1001:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(buffer+strlen(buffer)-4, "????");
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:163:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:165:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt=str+strlen(str); pt>str; pt=start ) {
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:180:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = strlen(find);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:193:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(src)+found_cnt*(strlen(rpl)-flen)+1);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:193:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(src)+found_cnt*(strlen(rpl)-flen)+1);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:202:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt += strlen(rpt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:204:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rpt,start,pt-start);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:221:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:223:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(classnames[cols*classes[i]+0].u.md_str)+1;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:232:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:235:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:253:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:255:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(classnames[cols*classes[i]+0].u.md_str)+1;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:263:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:266:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:295:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf) + strlen( r->lookups[i].lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:295:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf) + strlen( r->lookups[i].lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:306:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:359:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (r->u.glyph.back==NULL ? 0 : strlen(r->u.glyph.back)) +
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:360:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(r->u.glyph.names) +
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:361:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r->u.glyph.fore==0 ? 0 : strlen(r->u.glyph.fore)) +
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:368:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(temp);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:375:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(r->u.glyph.names);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:381:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(r->u.glyph.fore);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:430:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(classes[i][cols*c+0].u.md_str)+1;
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:433:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:443:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:447:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:455:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:459:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:468:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( pt );
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:472:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:531:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(classes[i][cols*k+0].u.md_str)==nstart-start &&
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:630:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(classes[cols*val+0].u.md_str)==pt-start &&
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1436:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space = malloc(strlen(otl->lookup_name)+8);
data/fontforge-20201107~dfsg/fontforgeexe/contextchain.c:1606:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unichar_t *temp = malloc((spt-basept+strlen(str)+4)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2317:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cspace+strlen(cspace),sizeof(cspace)-strlen(cspace),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2317:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cspace+strlen(cspace),sizeof(cspace)-strlen(cspace),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2339:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cspace+strlen(cspace),sizeof(cspace)-strlen(cspace),
data/fontforge-20201107~dfsg/fontforgeexe/cvdebug.c:2339:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(cspace+strlen(cspace),sizeof(cspace)-strlen(cspace),
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1911:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buffer + strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:1922:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:2045:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( buffer, _("Curvature: ?"),sizeof(buffer)-1 );
data/fontforge-20201107~dfsg/fontforgeexe/cvgetinfo.c:3847:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int nlen = strlen( name );
data/fontforge-20201107~dfsg/fontforgeexe/cvimportdlg.c:670:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text = malloc(strlen(ae)+10);
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:1711:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(layername,_("Guide"),layernamesz);
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:1714:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(layername,cv->b.sc->parent->layers[idx].name,layernamesz);
data/fontforge-20201107~dfsg/fontforgeexe/cvpalettes.c:2487:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( hasmn==NULL && i>=2 && i<9 && strlen(sc->parent->layers[i].name)<30 ) {
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:730:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer,_("No curvature info"), blen);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:749:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( buffer, _(" Next CP"), blen);
data/fontforge-20201107~dfsg/fontforgeexe/cvruler.c:751:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy( buffer, _(" Prev CP"), blen);
data/fontforge-20201107~dfsg/fontforgeexe/cvstroke.c:3251:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:145:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = cret+strlen(cret)-1;
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:246:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpt = line+strlen(line)-1;
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:1173:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/displayfonts.c:2077:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pathlen,"0");
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:296:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(mapname);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:336:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (len = strlen(ent->d_name))<8 )
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:388:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(block.dirs[ret-1])+strlen(block.maps[ret-1])+3+8);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:388:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = malloc(strlen(block.dirs[ret-1])+strlen(block.maps[ret-1])+3+8);
data/fontforge-20201107~dfsg/fontforgeexe/encodingui.c:390:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename,"/");
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1930:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npt = new = malloc(2*strlen(orig)+10);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1931:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = strlen(decimal_point);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1975:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = 2*strlen(orig)+10;
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1992:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( npt-new + strlen(rpl) + 2 >nlen ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:1994:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = realloc(new,nlen += strlen(rpl)+100);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2001:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npt += strlen(npt);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2042:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( ept = val+strlen(val-1); ept>pt && isspace(*ept); --ept );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2261:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp[u_strlen(cp) - strlen(" Regular")] ='\0';
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2922:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==new && strlen(stylelist[i][j].str)==strlen(new) ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2922:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt==new && strlen(stylelist[i][j].str)==strlen(new) ) {
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2927:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strings[3*r+2].u.md_str = malloc(strlen("odmiana ")+strlen(stylelist[i][other_pos].str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2927:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strings[3*r+2].u.md_str = malloc(strlen("odmiana ")+strlen(stylelist[i][other_pos].str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2934:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc((strlen(new)
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2935:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(stylelist[i][other_pos].str)
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2936:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
- strlen(stylelist[i][j].str)
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2938:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(temp,new,pt-new);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2940:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(temp+(pt-new),pt+strlen(stylelist[i][j].str));
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2953:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strings[3*r+2].u.md_str = malloc(strlen("odmiana ")+strlen(new)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:2953:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strings[3*r+2].u.md_str = malloc(strlen("odmiana ")+strlen(new)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3325:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen( bpt );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:3328:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( bpt ) + 1; /* for a new line */
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6638:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(popup_msg);
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6642:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( popup_msg+pos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6652:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( popup_msg+pos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6657:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( popup_msg+pos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6663:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( popup_msg+pos );
data/fontforge-20201107~dfsg/fontforgeexe/fontinfo.c:6703:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( popup_msg+pos );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:592:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pt, *newname = malloc(strlen(oldname)+8);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:596:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = newname+strlen(newname);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:639:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc((strlen(fn)+10));
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:699:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* newpath = copyn( filename, strlen(filename) + strlen(".sfd") + 1 );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:699:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* newpath = copyn( filename, strlen(filename) + strlen(".sfd") + 1 );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:753:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return( filename[strlen(filename)-1]=='~' );
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1100:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc(strlen(temp)+1+strlen(file)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1100:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc(strlen(temp)+1+strlen(file)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1101:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(full,temp); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1714:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return( name+strlen(name));
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:1803:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *eop = pattern + strlen(pattern);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3578:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fv->b.sf->fontname)+1 + strlen(enc)+6;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3578:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fv->b.sf->fontname)+1 + strlen(enc)+6;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3579:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( fv->b.normal ) len += strlen(_("Compact"))+1;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3588:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += 2+strlen(file);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3656:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename,"/");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:3664:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(buf2,cmapflag,strlen(cmapflag))!=0 )
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4056:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(fv->b.sf->filename)+20);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4060:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf,"~");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4935:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(old))!=EOF )
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:4989:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5692:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
feat_sc->name = malloc(strlen(base_sc->name)+strlen(fv->cur_subtable->suffix)+2);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5692:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
feat_sc->name = malloc(strlen(base_sc->name)+strlen(fv->cur_subtable->suffix)+2);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5698:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
feat_sc->name = malloc(strlen(base_sc->name)+14);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:5704:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
feat_sc->name = malloc(strlen(base_sc->name)+6);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:6400:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cnt += strlen(sf->glyphs[gid]->name)+1;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:6406:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cnt += strlen(sf->glyphs[gid]->name);
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:6407:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(data+cnt++," ");
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:7791:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(repr)+2;
data/fontforge-20201107~dfsg/fontforgeexe/fontview.c:7794:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt += strlen( repr );
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:51:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc(strlen(filename)+1+strlen(file)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:51:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc(strlen(filename)+1+strlen(file)+1);
data/fontforge-20201107~dfsg/fontforgeexe/fvfontsdlg.c:52:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(full,filename); strcat(full,"/"); strcat(full,file);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:890:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncasecmp(nm,"color=#",strlen("color=#"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:891:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Color col = strtoul(nm+strlen("color=#"),NULL,16);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:933:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sc->name)+1;
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:972:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:984:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1405:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncasecmp(name,"color=#",strlen("color=#"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1406:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Color col = strtoul(name+strlen("color=#"),NULL,16);
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1468:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + 3 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1468:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + 3 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1472:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 5 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1472:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 5 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1472:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 5 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1476:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 9 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1476:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 9 );
data/fontforge-20201107~dfsg/fontforgeexe/groupsdlg.c:1476:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(prefix) + strlen(first->name) + strlen(second->name) + 9 );
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:310:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:313:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( pt+strlen(h->chars[i]->name)+4>end ) {
data/fontforge-20201107~dfsg/fontforgeexe/histograms.c:318:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:169:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(strings[1*i+0].u.md_str) +1;
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:173:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ret," ");
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:174:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret += strlen(ret);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:344:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(temp)==end-start && strncmp(temp,start,end-start)==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:374:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(otl->lookup_name) +2;
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:381:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret += strlen(ret);
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:554:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(otll[i]->lookup_name) +2;
data/fontforge-20201107~dfsg/fontforgeexe/justifydlg.c:562:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1339:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = strlen(name);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1472:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(space);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1473:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(space+len,str,sizeof(space)/2-2 - len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1476:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(space+strlen(space),"\n");
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1476:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(space+strlen(space),"\n");
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1479:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(space);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1484:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(space);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1485:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(space+len,str,sizeof(space)-1 - len);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1491:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( space[strlen(space)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1492:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space[strlen(space)-1]='\0';
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1924:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt1 = start1+strlen(start1);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1959:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt1 = start1+strlen(start1);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:1989:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt1 = start1+strlen(start1);
data/fontforge-20201107~dfsg/fontforgeexe/kernclass.c:2048:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt1 = start1+strlen(start1);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1271:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(strings[2*i+0].u.md_str)>4 ) {
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1312:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rpt,foo,4);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1320:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rpt,foo,4);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:1843:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strlen(strings[2*i+0].u.md_str)>4 ) {
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:3564:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( sc->name );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4068:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( "StartChar:", strlen("StartChar:"), 1, retf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4069:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( glyph, strlen(glyph), 1, retf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4071:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( line, strlen(line), 1, retf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4073:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( "EndChar\n", strlen("EndChar\n"), 1, retf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4104:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( oldstr, strlen(oldstr), 1, of );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4105:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( newstr, strlen(newstr), 1, nf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4116:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( !strnmatch( oline, "StartChar:", strlen( "StartChar:" ))) {
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4117:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen("StartChar:");
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4123:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( oline, strlen(oline), 1, retf );
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4518:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4549:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt = ret = malloc(strlen(str) + (cnt+1)*7 + 1);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4558:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rpt += strlen(rpt);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4593:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sc->name);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4615:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc((strlen(sc->name) + 5) * sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:4695:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unichar_t *temp = malloc((spt-basept+strlen(sc->name)+4)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:5288:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
def = freeme = malloc(strlen(sub->lookup->lookup_name)+10);
data/fontforge-20201107~dfsg/fontforgeexe/lookupui.c:6624:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *name = malloc(pt-sourcesc->name+strlen(suffix)+2);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:261:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(lang)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:261:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(lang)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:261:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(lang)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:265:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(hunh)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:265:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(hunh)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:265:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(hunh)+strlen(temp)+strlen(spacer)+1));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:294:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(buf)+strlen(temp)+1)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:294:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(buf)+strlen(temp)+1)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:322:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(buf)+strlen(temp)+1)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:322:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(buf)+strlen(temp)+1)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:397:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((u_strlen(lang)+strlen(temp)+6)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:401:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(hunh)+strlen(temp)+6)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:401:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full = malloc((strlen(hunh)+strlen(temp)+6)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:758:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(temp);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:759:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res = malloc( (strlen(buf)+len+3)*sizeof(unichar_t) );
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1060:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(temp);
data/fontforge-20201107~dfsg/fontforgeexe/macencui.c:1061:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res = malloc( (strlen(buf)+len+3)*sizeof(unichar_t) );
data/fontforge-20201107~dfsg/fontforgeexe/math.c:277:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(gv->parts[i].component);
data/fontforge-20201107~dfsg/fontforgeexe/math.c:282:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( buffer );
data/fontforge-20201107~dfsg/fontforgeexe/math.c:287:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(gv->parts[i].component);
data/fontforge-20201107~dfsg/fontforgeexe/math.c:293:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( buffer );
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:767:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='0' ) {
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:768:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:769:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='0' ) {
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:770:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:771:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='.' )
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:772:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:778:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='0' ) {
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:779:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:780:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='0' ) {
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:781:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:782:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]=='.' )
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:783:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5136:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(sname)+strlen(lname)+3);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5136:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(sname)+strlen(lname)+3);
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5137:27: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(temp,sname); strcat(temp,"{"); strcat(temp,lname); strcat(temp,"}");
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5137:65: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcpy(temp,sname); strcat(temp,"{"); strcat(temp,lname); strcat(temp,"}");
data/fontforge-20201107~dfsg/fontforgeexe/metricsview.c:5299:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(mv->chars[cnt]->name);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:123:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(dv+len);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(len+strlen(ndv)+strlen(cdv)+20);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:127:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(len+strlen(ndv)+strlen(cdv)+20);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:135:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(temp+len);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:143:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(temp+len);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:202:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:549:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
axisnames[i] = malloc(strlen(axisrange)+3+strlen(an));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:549:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
axisnames[i] = malloc(strlen(axisrange)+3+strlen(an));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:616:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:957:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:962:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(((pt-buffer) + strlen(style) + 1)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1342:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1345:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( buffer+pos );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1352:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(buffer+pos);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1362:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(buffer)+strlen(elsepart)+40);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1362:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(buffer)+strlen(elsepart)+40);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1403:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1407:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1411:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen( buffer+pos );
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1414:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(buffer+pos);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1421:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(buffer)+strlen(elsepart)+40);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1421:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = malloc(strlen(buffer)+strlen(elsepart)+40);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1434:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(header)+strlen(ret)+2);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1434:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(header)+strlen(ret)+2);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1437:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp,"\n");
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1510:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(lines[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1515:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(lines[i]);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1527:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
standard_cdvs[4] = malloc(strlen(cdv_4axis[0])+strlen(cdv_4axis[1])+
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1527:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
standard_cdvs[4] = malloc(strlen(cdv_4axis[0])+strlen(cdv_4axis[1])+
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1528:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cdv_4axis[2])+2);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1566:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(temp+pos);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1592:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(temp+pos);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1600:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(temp+pos);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1630:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1635:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ti[i].text = malloc((strlen(buffer)+3+strlen(ustyle))*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1635:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ti[i].text = malloc((strlen(buffer)+3+strlen(ustyle))*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:1729:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2826:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/mmdlg.c:2830:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 += strlen(buffer);
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:562:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(fontnames[cnt])+1;
data/fontforge-20201107~dfsg/fontforgeexe/openfontdlg.c:567:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(fontnames[cnt]);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:634:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(gfc_bookmarks+len);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:909:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strchr(enc,'@')!=NULL && strlen(enc)<sizeof(buffer)-1 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1026:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-(strlen(line)-strlen("MacFeat:")),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1026:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-(strlen(line)-strlen("MacFeat:")),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1027:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen("MacFeat:")] ='\0';
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1029:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek(p,-strlen(line),SEEK_CUR);
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1062:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1063:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1064:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\r' )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1065:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1067:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(line,"Recent:",strlen("Recent:"))==0 && ri<RECENT_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1069:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuScript:",strlen("MenuScript:"))==0 && ms<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1071:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuName:",strlen("MenuName:"))==0 && mn<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1073:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"FontFilterName:",strlen("FontFilterName:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1079:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"FontFilter:",strlen("FontFilter:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1082:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacMapCnt:",strlen("MacSetCnt:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1086:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacMapping:",strlen("MacMapping:"))==0 && msp<msc ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1088:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacFeat:",strlen("MacFeat:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1184:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1185:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1186:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( line[strlen(line)-1]=='\r' )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1187:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1189:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(line,"Recent:",strlen("Recent:"))==0 && ri<RECENT_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1191:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuScript:",strlen("MenuScript:"))==0 && ms<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1193:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"MenuName:",strlen("MenuName:"))==0 && mn<SCRIPT_MENU_MAX )
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1195:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(line,"FontFilterName:",strlen("FontFilterName:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1201:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"FontFilter:",strlen("FontFilter:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1204:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacMapCnt:",strlen("MacSetCnt:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1208:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacMapping:",strlen("MacMapping:"))==0 && msp<msc ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1210:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( strncmp(line,"MacFeat:",strlen("MacFeat:"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/prefs.c:1918:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt=xuid+strlen(xuid)-1; pt>xuid && *pt==' '; --pt );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:1995:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end==NULL ) end=pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2141:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *res = malloc(strlen(*base)+strlen(new)-(end-str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2141:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *res = malloc(strlen(*base)+strlen(new)-(end-str)+1);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2142:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(res,*base,str-*base);
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:2456:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
off += (strlen(new)-(end-str));
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4276:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( _(vserrornames[m]))+2;
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4278:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( _("Bad Private Dictionary")) +2;
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4285:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( ret+len );
data/fontforge-20201107~dfsg/fontforgeexe/problems.c:4291:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( ret+len );
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1183:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dir)+strlen(filename)>sizeof(buffer)-2 )
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1183:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dir)+strlen(filename)>sizeof(buffer)-2 )
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1187:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1192:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(buf2,pfaeditflag,strlen(pfaeditflag))==0 )
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1210:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(filename,"/");
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1217:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(buf2,pfaeditflag,strlen(pfaeditflag))==0 )
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1315:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_name = malloc (sizeof(char) * (strlen(original_name) + 12));
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1418:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (strlen(d->sf->fontname)>31 || (d->sf->familyname!=NULL && strlen(d->sf->familyname)>31)) && !psfnlenwarned ) {
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1418:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (strlen(d->sf->fontname)>31 || (d->sf->familyname!=NULL && strlen(d->sf->familyname)>31)) && !psfnlenwarned ) {
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:1955:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/savefontdlg.c:2687:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unichar_t *temp = malloc(sizeof(unichar_t)*(strlen(fn)+30));
data/fontforge-20201107~dfsg/fontforgeexe/scriptingdlg.c:69:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert = malloc((strlen(fn)+10)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:360:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:377:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:440:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GDrawAddSelectionType(st->g.base,sel,"UTF8_STRING",ctemp,strlen(ctemp),sizeof(char),
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:530:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = utf82u_copyn(ctemp,strlen(ctemp));
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:709:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(scriptlangs[i])-10;
data/fontforge-20201107~dfsg/fontforgeexe/sftextfield.c:787:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
basename = malloc(strlen(st->li.fontlist->fd->sf->fontname)+8);
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:95:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen( term );
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:115:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( !strncmp( str, "BeginFontLevelUndo", strlen("BeginFontLevelUndo")))
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:157:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( sfdchunk, strlen(sfdchunk), 1, sfd );
data/fontforge-20201107~dfsg/fontforgeexe/sfundo.c:175:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite( sfdchunk, strlen(sfdchunk), 1, sfd );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:349:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( kc->offsets[index*kc->second_cnt+i]!=0 && strlen(kc->seconds[i])!=0 )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:355:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( i=1; i<kc->second_cnt; ++i ) if ( kc->offsets[index*kc->second_cnt+i]!=0 && strlen(kc->seconds[i])!=0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:357:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf)+strlen(kc->seconds[i])+1;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:357:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf)+strlen(kc->seconds[i])+1;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:378:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( cnt2 && strlen(kc->firsts[i])>0 )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:389:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( cnt2==0 || strlen(kc->firsts[i])==0 )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:438:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.back)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:438:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.back)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:440:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
upt = lines[len].label+strlen(lines[len].label);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:441:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( pt=r->u.glyph.back+strlen(r->u.glyph.back); pt>r->u.glyph.back; pt=start ) {
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:454:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.names)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:454:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.names)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:463:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.fore)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:463:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.glyph.fore)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:524:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.bcovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:524:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.bcovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:534:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.ncovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:534:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.ncovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:544:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.fcovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:544:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.coverage.fcovers[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:572:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.rcoverage.replacements)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:572:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(r->u.rcoverage.replacements)+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:619:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->bclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:619:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->bclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:629:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->nclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:629:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->nclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:639:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->fclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:639:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(fpst->fclass[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:707:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(sm->classes[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:707:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lines[len].label = malloc((strlen(buf)+strlen(sm->classes[j])+1));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:721:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( space+strlen(space), "%5d", sm->state[j*sm->class_cnt+k].next_state );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:730:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( space+strlen(space), " %04x", sm->state[j*sm->class_cnt+k].flags );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:743:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( space+strlen(space), " %.80s", sm->state[j*sm->class_cnt+k].u.context.mark_lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:755:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( space+strlen(space), " %.80s", sm->state[j*sm->class_cnt+k].u.context.cur_lookup->lookup_name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:810:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆x¹=%d", pst->u.pair.vr[0].xoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:812:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆y¹=%d", pst->u.pair.vr[0].yoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:814:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆x_adv¹=%d", pst->u.pair.vr[0].h_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:816:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆y_adv¹=%d", pst->u.pair.vr[0].v_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:818:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆x²=%d", pst->u.pair.vr[1].xoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:820:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆y²=%d", pst->u.pair.vr[1].yoff );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:822:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆x_adv²=%d", pst->u.pair.vr[1].h_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:824:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), " ∆y_adv²=%d", pst->u.pair.vr[1].v_adv_off );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:970:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sc->name)+40;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:972:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sc->name)+strlen(pst->u.subs.variant)+8;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:972:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sc->name)+strlen(pst->u.subs.variant)+8;
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1144:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1291:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1314:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc((strlen(_sf->mark_classes[i]) + strlen(_sf->mark_class_names[i]) + 4));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1314:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc((strlen(_sf->mark_classes[i]) + strlen(_sf->mark_class_names[i]) + 4));
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1555:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer+strlen(buffer), " %c%c%c%c: %d ",
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1655:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,sc->name,70);
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1657:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer+strlen(buffer), _(" Left Bound=%d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1660:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer+strlen(buffer), _(" Right Bound=%d"),
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1744:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), _(" Mirror=%.30s"), sf->glyphs[k]->name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1750:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buffer+strlen(buffer), _(" Mirror=%.30s"), sf->glyphs[k]->name );
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1876:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:1914:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf," ");
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2897:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(nf->file))==' ' )
data/fontforge-20201107~dfsg/fontforgeexe/showatt.c:2912:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(nf->file);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:368:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
copy(msg),strlen(msg),1,
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:720:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((full = malloc(strlen(window_name)+strlen(cmndline_val)+4))!=NULL) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:720:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((full = malloc(strlen(window_name)+strlen(cmndline_val)+4))!=NULL) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:762:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key = CFStringCreateWithBytes(NULL,(uint8 *) keystr,strlen(keystr), kCFStringEncodingISOLatin1, 0);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1138:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strncmp(pt,"-usecairo",strlen("-usecairo"))==0 ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1352:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(pt,"-usecairo",strlen("-usecairo"))==0 ||
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1373:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = malloc(strlen(buffer)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1373:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = malloc(strlen(buffer)+strlen("/glyphs/contents.plist")+1);
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1389:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buffer[strlen(buffer)-1]!='/' ) {
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1391:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer)+1]='\0';
data/fontforge-20201107~dfsg/fontforgeexe/startui.c:1392:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer)] = '/';
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:308:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf( buf+strlen(buf), "%d ", this->u.kern.kerns[j]);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:309:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[0]!='\0' && buf[strlen(buf)-1]==' ' )
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:310:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:947:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( buf );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1006:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,this->u.context.mark_lookup->lookup_name,6);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1011:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,this->u.insert.mark_ins,5);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1017:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buf+strlen(buf),"%d ", this->u.kern.kerns[j]);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1018:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
kddd = ( strlen(buf)>5 );
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1029:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,indicverbs[1][this->flags&0xf],sizeof(buf)-1);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1032:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,this->u.context.cur_lookup->lookup_name,6);
data/fontforge-20201107~dfsg/fontforgeexe/statemachine.c:1037:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,this->u.insert.cur_ins,5);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1413:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(title+5, sf->fontname, sizeof(title)/sizeof(title[0])-6);
data/fontforge-20201107~dfsg/fontforgeexe/ttfinstrsui.c:1736:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(title+5, sf->fontname, sizeof(title)-6);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:77:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,loc,sizeof(buffer));
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:317:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cnt = strlen(errdata.errlines[l]+s_c)+1;
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:319:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cnt += strlen(errdata.errlines[l])+1;
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:324:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = ret+strlen( ret );
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:328:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:331:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pt,errdata.errlines[l],e_c);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:333:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:346:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(errdata.errlines[l]);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:530:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buffer[strlen(buffer)-1]=='\n' ) buffer[strlen(buffer)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:530:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buffer[strlen(buffer)-1]=='\n' ) buffer[strlen(buffer)-1] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:548:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( end==NULL ) end = pt+strlen(pt);
data/fontforge-20201107~dfsg/fontforgeexe/uiutil.c:601:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( str[strlen(str)-1]!='\n' )
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:74:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen( sc->name ) == 1 )
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:167:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* endofglyphname = glyphname + strlen(glyphname);
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:189:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* endofglyphname = glyphname + strlen(glyphname);
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:213:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
glyphname[ strlen(glyphname)-1 ] = '\0';
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:635:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buffer,""); /* Zero width space: 0x200b, I use as a flag */
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:647:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buffer[strlen(buffer)-1]=='\n' )
data/fontforge-20201107~dfsg/fontforgeexe/wordlistparser.c:648:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer)-1] = '\0';
data/fontforge-20201107~dfsg/gdraw/ctlvalues.c:39:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]==' ' )
data/fontforge-20201107~dfsg/gdraw/ctlvalues.c:40:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]='\0';
data/fontforge-20201107~dfsg/gdraw/ctlvalues.c:41:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1]==':' )
data/fontforge-20201107~dfsg/gdraw/ctlvalues.c:42:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1]='\0';
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:187:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(gd->err_report) + strlen(buffer) + 1 < 2048) {
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:187:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(gd->err_report) + strlen(buffer) + 1 < 2048) {
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:208:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), fmt, ap);
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:208:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), fmt, ap);
data/fontforge-20201107~dfsg/gdraw/gdrawerror.c:240:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsprintf(buf+strlen(buf), fmt, ap);
data/fontforge-20201107~dfsg/gdraw/gdrawwacomdriver.c:527:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (len=read(gdisp->wacom_fd,ev,sizeof(ev)))>0 ) {
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:211:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(utf8_ent_name,u_to_c( ent->name ),PATH_MAX);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:232:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(utf8_ent_name,u_to_c(e->name),PATH_MAX);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:242:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mime,u_to_c(e->mimetype),99);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:247:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mime,temp,99);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:449:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int dcnt = strlen(drives);
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1067:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space = malloc((strlen(home)+u_strlen(bookmarks[mi->mid])+2)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/gdraw/gfilechooser.c:1083:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space = malloc((strlen(home)+u_strlen(bookmarks[mi->mid])+2)*sizeof(unichar_t));
data/fontforge-20201107~dfsg/gdraw/ggdkdraw.c:1907:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/gdraw/gimageclut.c:404:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(name)==7 && sscanf(name,"#%2x%2x%2x", (unsigned *) &r, (unsigned *) &g, (unsigned *) &b )==3) ) {
data/fontforge-20201107~dfsg/gdraw/gimageclut.c:409:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( (strlen(name)==9 && sscanf(name,"#%2x%2x%2x%2x",
data/fontforge-20201107~dfsg/gdraw/gimageclut.c:462:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( (strlen(name)==4 && sscanf(name,"#%1x%1x%1x", (unsigned *) &r, (unsigned *) &g, (unsigned *) &b )==3) ) {
data/fontforge-20201107~dfsg/gdraw/gimageclut.c:467:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ( (strlen(name)==17 && sscanf(name,"#%4x%4x%4x", (unsigned *) &r, (unsigned *) &g, (unsigned *) &b )==3) ) {
data/fontforge-20201107~dfsg/gdraw/gmenu.c:391:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,".");
data/fontforge-20201107~dfsg/gdraw/gmenu.c:607:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( m->owner && strlen(m->subMenuName) )
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1037:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ret,text_untranslated,PATH_MAX);
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1074:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( prefix, prefix_const, PATH_MAX );
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1077:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( prefix, tofree,PATH_MAX );
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1087:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(prefix) < l )
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1158:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int actionlen = strlen(action);
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1159:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int prefixlen = strlen(windowType) + 1 + strlen("Menu.");
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1159:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int prefixlen = strlen(windowType) + 1 + strlen("Menu.");
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1466:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m->subMenuName,subMenuName,sizeof(m->subMenuName)-1);
data/fontforge-20201107~dfsg/gdraw/gmenu.c:1512:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if( owner && strlen(m->subMenuName) )
data/fontforge-20201107~dfsg/gdraw/gresedit.c:96:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(rq.utf8_family_name);
data/fontforge-20201107~dfsg/gdraw/gresedit.c:828:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strncmp(paths[i],ri->filename,strlen(paths[i]))==0 ) {
data/fontforge-20201107~dfsg/gdraw/gresedit.c:829:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pt = ri->filename+strlen(paths[i]);
data/fontforge-20201107~dfsg/gdraw/gresource.c:88:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(prefix);
data/fontforge-20201107~dfsg/gdraw/gresource.c:179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(GResourceProgramName);
data/fontforge-20201107~dfsg/gdraw/gresource.c:188:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( next==NULL ) next = pt+strlen(pt);
data/fontforge-20201107~dfsg/gdraw/gresource.c:210:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( next==NULL ) next = pt+strlen(pt);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:325:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gt->lines8[i] = strlen(utf8_text);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:328:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gt->lines8[i] = gt->lines8[i-1] + strlen( utf8_text + gt->lines8[i-1]);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:452:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( gt->lines8[i+1]==-1 ) ll = strlen(gt->utf8_text+gt->lines8[i]); else ll = gt->lines8[i+1]-gt->lines8[i]-1;
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:500:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:517:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(ret);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:585:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GDrawAddSelectionType(gt->g.base,sel,"UTF8_STRING",copy(ctemp),strlen(ctemp),
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:588:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GDrawAddSelectionType(gt->g.base,sel,"text/plain;charset=UTF-8",ctemp,strlen(ctemp),
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:593:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GDrawAddSelectionType(gt->g.base,sel,"STRING",ctemp2,strlen(ctemp2),
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:684:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = utf82u_copyn(ctemp,strlen(ctemp));
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:831:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file); ch3 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:831:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file); ch3 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:831:46: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file); ch3 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:839:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:841:2: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file); /* rewind probably undoes the ungetc, but let's not depend on it */
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:848:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch=getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:854:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:857:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file); ch3 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:857:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file); ch3 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:861:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file); ch3 = getc(file); ch4=getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:861:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file); ch3 = getc(file); ch4=getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:861:43: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch2 = getc(file); ch3 = getc(file); ch4=getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:870:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextfield.c:870:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(file); ch2 = getc(file);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:221:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(utf8buf);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:224:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8 *pt = (const uint8 *) utf8buf, *end = pt+strlen(utf8buf);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:344:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
imagepathlenmax = strlen(imagepath[0]);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:385:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(bucket->filename)+imagepathlenmax+3 > pathlen ) {
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:386:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(bucket->filename)+imagepathlenmax+20;
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:454:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int hlen = strlen(getenv("HOME"));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:457:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(absname+hlen,start+1,len-1);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:486:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
imagepath[cnt] = ImagePathFigureElement(pt,strlen(pt));
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:490:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(imagepath[cnt]) > imagepathlenmax )
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:491:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
imagepathlenmax = strlen(imagepath[cnt]);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:515:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = malloc(strlen(filename)+imagepathlenmax+10 );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:574:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *absname = malloc( strlen(getenv("HOME"))+strlen(fname)+8 );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:574:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *absname = malloc( strlen(getenv("HOME"))+strlen(fname)+8 );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:889:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( sh==shortcut && strlen(shortcut)>2 && shortcut[2]=='*' ) {
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:908:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = sh+strlen(sh);
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:938:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( hk->text, shortcut, HOTKEY_TEXT_MAX_SIZE );
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:944:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( sh==shortcut && strlen(shortcut)>2 && shortcut[2]=='*' ) {
data/fontforge-20201107~dfsg/gdraw/gtextinfo.c:1026:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( sh==shortcut && strlen(shortcut)>2 && shortcut[2]=='*' ) {
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:1553:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( propret[i]);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:1557:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen( propret[i]);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2596:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd_set read, write, except;
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2632:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_ZERO(&read); FD_ZERO(&write); FD_ZERO(&except);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2633:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(fd,&read);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2636:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(gdisp->xthread.sync_sock,&read);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:2642:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(gdisp->wacom_fd,&read);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3532:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd_set read, write, except;
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3582:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_ZERO(&read); FD_ZERO(&write); FD_ZERO(&except);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3583:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(fd,&read);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3586:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(gdisp->xthread.sync_sock,&read);
data/fontforge-20201107~dfsg/gdraw/gxdraw.c:3592:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FD_SET(gdisp->wacom_fd,&read);
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:55:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( buffer, hk->action, len );
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:72:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(windowType) < len )
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:176:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ( line[strlen(line)-1]==' ' )
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:177:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/fontforge-20201107~dfsg/gdraw/hotkeys.c:187:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( hk->action, action, HOTKEY_ACTION_MAX_SIZE );
data/fontforge-20201107~dfsg/gutils/fsys.c:128:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp);
data/fontforge-20201107~dfsg/gutils/fsys.c:213:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buffer[strlen(buffer)-1]!='/' )
data/fontforge-20201107~dfsg/gutils/fsys.c:214:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer,"/");
data/fontforge-20201107~dfsg/gutils/fsys.c:251:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(result,name,rsiz);
data/fontforge-20201107~dfsg/gutils/fsys.c:271:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( fname )<size-1 ) /* valgrind didn't like my strncpies but this complication makes it happy */
data/fontforge-20201107~dfsg/gutils/fsys.c:274:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,fname,size-1);
data/fontforge-20201107~dfsg/gutils/fsys.c:279:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( dir )<size-3 )
data/fontforge-20201107~dfsg/gutils/fsys.c:282:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,dir,size-3);
data/fontforge-20201107~dfsg/gutils/fsys.c:286:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/fontforge-20201107~dfsg/gutils/fsys.c:289:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( fname )<size-1 )
data/fontforge-20201107~dfsg/gutils/fsys.c:292:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer+len,fname,size-len-1);
data/fontforge-20201107~dfsg/gutils/fsys.c:307:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,fname,size-1);
data/fontforge-20201107~dfsg/gutils/fsys.c:312:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,oldname,size-3);
data/fontforge-20201107~dfsg/gutils/fsys.c:315:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/fontforge-20201107~dfsg/gutils/fsys.c:318:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer+len,fname,size-len-1);
data/fontforge-20201107~dfsg/gutils/fsys.c:340:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = (char *) malloc((strlen(dir)+strlen(name)+3));
data/fontforge-20201107~dfsg/gutils/fsys.c:340:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = (char *) malloc((strlen(dir)+strlen(name)+3));
data/fontforge-20201107~dfsg/gutils/fsys.c:342:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = ret+strlen(ret);
data/fontforge-20201107~dfsg/gutils/fsys.c:347:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt += strlen(pt);
data/fontforge-20201107~dfsg/gutils/fsys.c:390:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,file,1024);
data/fontforge-20201107~dfsg/gutils/fsys.c:393:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buffer,".");
data/fontforge-20201107~dfsg/gutils/fsys.c:777:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buffer,".");
data/fontforge-20201107~dfsg/gutils/fsys.c:848:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pt = program_dir + strlen(program_dir);
data/fontforge-20201107~dfsg/gutils/fsys.c:850:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (pt-program_dir)+strlen("/share/fontforge")+1;
data/fontforge-20201107~dfsg/gutils/fsys.c:852:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sharedir,program_dir,pt-program_dir);
data/fontforge-20201107~dfsg/gutils/fsys.c:866:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen("/../locale") + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:866:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen("/../locale") + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:882:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen("/pixmaps") + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:882:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen("/pixmaps") + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:899:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen(postfix) + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:899:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(prefix) + strlen(postfix) + 2;
data/fontforge-20201107~dfsg/gutils/fsys.c:1050:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bwrite = strlen(data);
data/fontforge-20201107~dfsg/gutils/fsys.c:1082:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pos = strlen(my_documents);
data/fontforge-20201107~dfsg/gutils/fsys.c:1111:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(path);
data/fontforge-20201107~dfsg/gutils/fsys.c:1127:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ret);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:38:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:38:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:48:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:48:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:49:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:49:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:72:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fgetc(fp)!='B' || getc(fp)!='M' || /* Bad format */ \
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:72:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fgetc(fp)!='B' || getc(fp)!='M' || /* Bad format */ \
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:130:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (b=fgetc(fp))<0 || (g=fgetc(fp))<0 || (r=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:130:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (b=fgetc(fp))<0 || (g=fgetc(fp))<0 || (r=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:130:48: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (b=fgetc(fp))<0 || (g=fgetc(fp))<0 || (r=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:133:31: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( head->headersize!=12 && fgetc(fp)<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:177:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:183:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int cnt = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:185:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:189:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:193:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
head->byte_pixels[ii++] = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:195:4: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:201:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int x=getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:202:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int y = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:215:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b1 = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:216:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b2 = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:217:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b3 = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:218:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b4 = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:229:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:235:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int cnt = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:237:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:244:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:248:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:254:4: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:260:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int x=getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:261:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int y = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:274:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
head->byte_pixels[ii+j] = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:277:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:284:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:285:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int g = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:286:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int r = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:290:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(file); /* ignore padding */
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:297:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:298:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:299:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = getc(file);
data/fontforge-20201107~dfsg/gutils/gimagereadbmp.c:300:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) getc(file); /* Ignore the alpha channel */
data/fontforge-20201107~dfsg/gutils/gimagereadpng.c:52:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/fontforge-20201107~dfsg/gutils/gimagereadpng.c:76:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data, buf->buffer+buf->read, sz);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:54:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:54:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:55:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:55:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:123:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fgetc(fp)<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:141:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:141:37: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:141:58: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:146:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fgetc(fp)<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:164:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(fp); /* pad byte */
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:165:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:165:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:165:46: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:183:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:183:37: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:183:58: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || (ch3=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:188:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fgetc(fp)<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:206:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(fp); /* pad byte */
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:207:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:207:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:207:46: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch1 = fgetc(fp); ch2 = fgetc(fp); ch3 = fgetc(fp);
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:236:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (val=fgetc(fp))<0 ) goto errorReadRle8Bit;
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:239:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (cnt=fgetc(fp))<0 ) goto errorReadRle8Bit;
data/fontforge-20201107~dfsg/gutils/gimagereadras.c:242:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (val=fgetc(fp))<0 ) goto errorReadRle8Bit;
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:56:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:56:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:57:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:57:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(ch3=fgetc(fp))<0 || (ch4=fgetc(fp))<0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:69:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:69:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch1=fgetc(fp))<0 || (ch2=fgetc(fp))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:78:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(head->format=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:79:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(head->bpc=fgetc(fp))<0 || \
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:138:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=fgetc(fp))<0 ) return( -2 );
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:142:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=fgetc(fp))<0 ) return( -2 );
data/fontforge-20201107~dfsg/gutils/gimagereadrgb.c:146:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=fgetc(fp))<0 ) return( -2 );
data/fontforge-20201107~dfsg/gutils/gimagereadxbm.c:63:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(file))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadxbm.c:74:42: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fscanf(file,"static ")<0 || (ch=getc(file))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadxbm.c:77:40: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( fscanf(file,"nsigned ")<0 || (ch=getc(file))<0 )
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:92:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (ch=getc(fp))>=0 ) {
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:96:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(fp))<0 ) break;
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:100:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (ch=getc(fp))<0 ) break;
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:109:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( --sz>0 && (ch=getc(fp))>=0 && ch!='"' )
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:122:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( --sz>0 && (ch=getc(fp))>=0 && ch!='\n' && ch!='\r' )
data/fontforge-20201107~dfsg/gutils/gimagereadxpm.c:124:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( ch=='\r' && (ch=getc(fp))!='\n' )
data/fontforge-20201107~dfsg/gutils/gimagewritegimage.c:109:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stem,pt,sizeof(stem)); stem[255]='\0';
data/fontforge-20201107~dfsg/gutils/gimagewritexbm.c:51:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stem,pt,sizeof(stem)); stem[255]='\0';
data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c:38:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( len==0 ) len = strlen(usable);
data/fontforge-20201107~dfsg/gutils/gimagewritexpm.c:77:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stem,pt,sizeof(stem)); stem[255]='\0';
data/fontforge-20201107~dfsg/gutils/giofile.c:116:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (char *) malloc(strlen(path)+FILENAME_MAX+3);
data/fontforge-20201107~dfsg/gutils/giofile.c:118:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ept = buffer+strlen(buffer);
data/fontforge-20201107~dfsg/po/toengb.c:80:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = strlen(find), rlen = strlen(rpl);
data/fontforge-20201107~dfsg/po/toengb.c:80:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = strlen(find), rlen = strlen(rpl);
data/fontforge-20201107~dfsg/po/toengb.c:85:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( mpt = line+strlen(line); mpt>=pt+flen; --mpt )
data/fontforge-20201107~dfsg/tests/randomtest.c:118:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch1 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:119:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch2 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:120:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch3 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:121:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch4 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:122:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch5 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:123:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch6 = getc(foo);
data/fontforge-20201107~dfsg/tests/randomtest.c:124:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch7 = getc(foo);
ANALYSIS SUMMARY:
Hits = 6190
Lines analyzed = 661973 in approximately 28.73 seconds (23044 lines/second)
Physical Source Lines of Code (SLOC) = 587562
Hits@level = [0] 4664 [1] 2427 [2] 2913 [3] 105 [4] 744 [5] 1
Hits@level+ = [0+] 10854 [1+] 6190 [2+] 3763 [3+] 850 [4+] 745 [5+] 1
Hits/KSLOC@level+ = [0+] 18.4729 [1+] 10.5351 [2+] 6.40443 [3+] 1.44666 [4+] 1.26795 [5+] 0.00170195
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.