Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c
Examining data/foomatic-db-engine-4.0.13/foomatic-perl-data.c

FINAL RESULTS:

data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:100:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(data, buffer);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:812:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		      strcpy(currevid, s + 4);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:827:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		      strcpy(cdriver, s);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:842:27:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                          strcpy(cprinter, s);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:892:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (!inautodetect) strcat(make, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:897:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (!inautodetect) strcat(model, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:926:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cid, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:954:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cppd, s);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1073:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(userdefaultvalue, s);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1120:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		      strcpy(userdefaultid, currevid);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1184:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		      strcat(cprinter, currtagbody + 8);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1186:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		      strcat(cprinter, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1192:23:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (inconstraint) strcat(cmake, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1196:23:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (inconstraint) strcat(cmodel, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1200:23:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (inconstraint) strcat(cdriver, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1204:23:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  if (inconstraint) strcat(cargdefault, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1323:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(argdefault, cargdefault);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1427:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			    strcpy(argdefault, userdefaultid);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1434:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(argdefault, userdefaultvalue);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1437:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		      sprintf(defaultline,
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1485:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cprinter, currtagbody + 8);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1486:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cprinter, translateid(cprinter, idlist));
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1529:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(plistpointer->id, cprinter);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1547:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(dlistpointer->name, cdriver);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1594:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dlistpointer->name, cdriver);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1633:24:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  if (!inautodetect) strcpy(cmake, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1638:24:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  if (!inautodetect) strcpy(cmodel, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1642:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cfunctionality, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1711:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(plistpointer->id, cprinter);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1731:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(dlistpointer->name, cid);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1806:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(ppdlistpointer->driver, cid);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1807:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			  strcpy(ppdlistpointer->ppd, cppd);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1822:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  } else strcpy(cdriver, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1826:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cid, currtagbody);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1837:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		  strcpy(cppd, s);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1973:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(cprinter, translateid(cprinter, idlist));
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1975:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat((char *)(*data), cprinter);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1977:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat((char *)(*data), cmake);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1979:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat((char *)(*data), cmodel);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1981:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat((char *)(*data), cfunctionality);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1985:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat((char *)(*data), cfunctionality);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1990:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat((char *)(*data), cdriver);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1995:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat((char *)(*data), cautodetectentry);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2010:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat((char *)(*data), dlistpointer->name);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2025:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	      strcat((char *)(*data), dlistpointer->name);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2027:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	      strcat((char *)(*data), dlistpointer->functionality);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2064:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat((char *)(*data), ppdlistpointer->driver);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2066:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat((char *)(*data), ppdlistpointer->ppd);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2231:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(oldidfilename, "%s/db/oldprinterids",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2262:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(printerfilename, "%s/db/source/printer/%s.xml",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2264:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(driverfilename, "%s/db/source/driver/%s.xml",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2266:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(optiondirname, "%s/db/source/opt",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2276:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(printerfilename, "%s/db/source/printer/%s.xml",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2300:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)printerbuffer, "<printer id=\"printer/%s\">\n <make>%s</make>\n <model>%s</model>\n <mechanism>\n  <color />\n </mechanism>\n <noxmlentry />\n</printer>\n", pid, make, model);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2325:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)driverbuffer, "<driver id=\"driver/%s\">\n <name>%s</name>\n <url></url>\n <execution>\n  <filter />\n  <prototype></prototype>\n </execution>\n <printers>\n  <printer>\n   <id>printer/%s</id>\n  </printer>\n </printers>\n</driver>", driver, driver, pid);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2357:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(optionfilename, "%s/db/source/opt/%s",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2410:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(driverdirname, "%s/db/source/driver",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2412:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(printerdirname, "%s/db/source/printer",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2449:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(driverfilename, "%s/db/source/driver/%s",
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2504:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(printerfilename, "%s/db/source/printer/%s",
data/foomatic-db-engine-4.0.13/foomatic-perl-data.c:71:18:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DEBUG(x) printf(x)
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                  name[128]; /* Name of driver */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                  id[128];   /* ID of printer */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                  driver[128]; /* ID of driver */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                  ppd[1024];   /* ID of PPD URL */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[blocksize + 1];/* data block currently read */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:88:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  inputfile = fopen(filename, "r");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:307:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          currtagname[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:308:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          currtagparam[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:309:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          currtagbody[65536];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:312:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          userdefaultvalue[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:313:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          userdefaultid[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:314:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          currevid[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:318:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cprinter[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:319:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cmake[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:320:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cmodel[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:321:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cdriver[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:322:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cid[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:323:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cppd[1024];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:324:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cfunctionality[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:326:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cautodetectentry[4096];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:327:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          cargdefault[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:328:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          argdefault[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:329:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          defaultline[256];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:330:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          printerentry[1024*1024];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:331:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          dfunctionalityentry[10240];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:345:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char   make[256];           /* Printer make/model read from printer */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:346:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char   model[256];          /* XML file needed by constraints in */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:923:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		if (cppd[0]) strcpy(cid, "Postscript");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:994:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		      strcat(printerentry,"\n <printers>\n  ");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:999:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		      strcat(printerentry,"\n </printers>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1042:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			s = (char *)(defaultsettings[k] +
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1974:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "  <printer>\n    <id>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1976:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "</id>\n    <make>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1978:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "</make>\n    <model>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1980:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "</model>\n    <functionality>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1982:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "</functionality>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1984:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    <unverified>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1986:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "</unverified>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1989:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    <driver>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1991:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "</driver>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1994:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    ");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2005:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "\n    <drivers>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2009:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "      <driver>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2011:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "</driver>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2015:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    </drivers>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2017:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "    <driverfunctionalityexceptions>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2022:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat((char *)(*data),
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2024:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat((char *)(*data), "        <driver>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2026:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat((char *)(*data), "</driver>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2028:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat((char *)(*data),
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2033:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "    </driverfunctionalityexceptions>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2053:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    <ppds>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2062:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "      <ppd>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2063:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "        <driver>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2065:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "</driver>\n        <ppdfile>");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2067:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "</ppdfile>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2068:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat((char *)(*data), "      </ppd>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2071:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat((char *)(*data), "    </ppds>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2073:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat((char *)(*data), "  </printer>\n");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2095:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          printerfilename[1024];/* Name of printer's XML file */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2096:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          printerdirname[1024]; /* Name of the directory with the XML
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2098:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          driverfilename[1024]; /* Name of driver's XML file */
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2099:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          driverdirname[1024];  /* Name of the directory with the XML
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          optionfilename[1024]; /* Name of current option XML file*/
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2102:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          optiondirname[1024];  /* Name of the directory with the XML
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2104:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          oldidfilename[1024];  /* Name of the file with the
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2430:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(plistpointer->id, "proto");
data/foomatic-db-engine-4.0.13/foomatic-perl-data.c:3390:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char chars[1024];
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:369:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  datalength = strlen(*data); /* Compute the length of the file once,
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:813:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		      currevid[strlen(currevid) - 1] = '\0';
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:826:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		      s[strlen(s)-1] = '\0';
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:841:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          s[strlen(s)-1] = '\0';
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:976:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    l = strlen(printerentry);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:995:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		      l = strlen(printerentry);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1040:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			  (*(defaultsettings[k] + strlen(currtagbody))
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1043:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				     strlen(currtagbody) + 1);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1065:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			  if (strspn(s, "+-0123456789") < strlen(s)) 
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1070:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			  if (strspn(s, "+-0123456789.eE") < strlen(s)) 
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1084:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
			strcpy(userdefaultvalue, "1");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1098:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
			strcpy(userdefaultvalue, "0");
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:1440:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		      defaultlinelength = strlen(defaultline);
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2361:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strcmp((optionfilename + strlen(optionfilename) - 4), ".xml") == 0) {
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2452:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strcmp((driverfilename + strlen(driverfilename) - 4), ".xml") == 0) {
data/foomatic-db-engine-4.0.13/foomatic-combo-xml.c:2507:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strcmp((printerfilename + strlen(printerfilename) - 4), ".xml") ==

ANALYSIS SUMMARY:

Hits = 145
Lines analyzed = 7877 in approximately 0.34 seconds (23329 lines/second)
Physical Source Lines of Code (SLOC) = 6958
Hits@level = [0] 1025 [1]  16 [2]  68 [3]   0 [4]  61 [5]   0
Hits@level+ = [0+] 1170 [1+] 145 [2+] 129 [3+]  61 [4+]  61 [5+]   0
Hits/KSLOC@level+ = [0+] 168.152 [1+] 20.8393 [2+] 18.5398 [3+] 8.76689 [4+] 8.76689 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.