Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/free42-nologo-1.4.77/common/bcd.cc
Examining data/free42-nologo-1.4.77/common/bcd.h
Examining data/free42-nologo-1.4.77/common/bcd2.h
Examining data/free42-nologo-1.4.77/common/bcdfloat.cc
Examining data/free42-nologo-1.4.77/common/bcdfloat.h
Examining data/free42-nologo-1.4.77/common/bcdfloat2.cc
Examining data/free42-nologo-1.4.77/common/bcdfloat2.h
Examining data/free42-nologo-1.4.77/common/bcdmath.cc
Examining data/free42-nologo-1.4.77/common/bcdmath.h
Examining data/free42-nologo-1.4.77/common/core_commands1.cc
Examining data/free42-nologo-1.4.77/common/core_commands1.h
Examining data/free42-nologo-1.4.77/common/core_commands2.cc
Examining data/free42-nologo-1.4.77/common/core_commands2.h
Examining data/free42-nologo-1.4.77/common/core_commands3.cc
Examining data/free42-nologo-1.4.77/common/core_commands3.h
Examining data/free42-nologo-1.4.77/common/core_commands4.cc
Examining data/free42-nologo-1.4.77/common/core_commands4.h
Examining data/free42-nologo-1.4.77/common/core_commands5.cc
Examining data/free42-nologo-1.4.77/common/core_commands5.h
Examining data/free42-nologo-1.4.77/common/core_commands6.cc
Examining data/free42-nologo-1.4.77/common/core_commands6.h
Examining data/free42-nologo-1.4.77/common/core_commands7.cc
Examining data/free42-nologo-1.4.77/common/core_commands7.h
Examining data/free42-nologo-1.4.77/common/core_display.cc
Examining data/free42-nologo-1.4.77/common/core_display.h
Examining data/free42-nologo-1.4.77/common/core_globals.cc
Examining data/free42-nologo-1.4.77/common/core_globals.h
Examining data/free42-nologo-1.4.77/common/core_helpers.cc
Examining data/free42-nologo-1.4.77/common/core_helpers.h
Examining data/free42-nologo-1.4.77/common/core_keydown.cc
Examining data/free42-nologo-1.4.77/common/core_keydown.h
Examining data/free42-nologo-1.4.77/common/core_linalg1.cc
Examining data/free42-nologo-1.4.77/common/core_linalg1.h
Examining data/free42-nologo-1.4.77/common/core_linalg2.cc
Examining data/free42-nologo-1.4.77/common/core_linalg2.h
Examining data/free42-nologo-1.4.77/common/core_main.cc
Examining data/free42-nologo-1.4.77/common/core_main.h
Examining data/free42-nologo-1.4.77/common/core_math1.cc
Examining data/free42-nologo-1.4.77/common/core_math1.h
Examining data/free42-nologo-1.4.77/common/core_math2.cc
Examining data/free42-nologo-1.4.77/common/core_math2.h
Examining data/free42-nologo-1.4.77/common/core_phloat.cc
Examining data/free42-nologo-1.4.77/common/core_phloat.h
Examining data/free42-nologo-1.4.77/common/core_sto_rcl.cc
Examining data/free42-nologo-1.4.77/common/core_sto_rcl.h
Examining data/free42-nologo-1.4.77/common/core_tables.cc
Examining data/free42-nologo-1.4.77/common/core_tables.h
Examining data/free42-nologo-1.4.77/common/core_variables.cc
Examining data/free42-nologo-1.4.77/common/core_variables.h
Examining data/free42-nologo-1.4.77/common/free42.h
Examining data/free42-nologo-1.4.77/common/keymap2cc.cc
Examining data/free42-nologo-1.4.77/common/shell.h
Examining data/free42-nologo-1.4.77/common/shell_loadimage.cc
Examining data/free42-nologo-1.4.77/common/shell_loadimage.h
Examining data/free42-nologo-1.4.77/common/shell_spool.cc
Examining data/free42-nologo-1.4.77/common/shell_spool.h
Examining data/free42-nologo-1.4.77/common/skin2cc.cc
Examining data/free42-nologo-1.4.77/gtk/audio_alsa.cc
Examining data/free42-nologo-1.4.77/gtk/audio_alsa.h
Examining data/free42-nologo-1.4.77/gtk/shell_main.cc
Examining data/free42-nologo-1.4.77/gtk/shell_main.h
Examining data/free42-nologo-1.4.77/gtk/shell_skin.cc
Examining data/free42-nologo-1.4.77/gtk/shell_skin.h
FINAL RESULTS:
data/free42-nologo-1.4.77/gtk/shell_main.cc:709:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(keymapfilename, 0664);
data/free42-nologo-1.4.77/gtk/shell_main.cc:861:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(printfilename, 0664);
data/free42-nologo-1.4.77/gtk/shell_main.cc:924:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(statefilename, 0664);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1122:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(export_file_name, 0664);
data/free42-nologo-1.4.77/gtk/shell_main.cc:2182:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(state.printerTxtFileName, 0664);
data/free42-nologo-1.4.77/gtk/shell_main.cc:2244:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(print_gif_name, 0664);
data/free42-nologo-1.4.77/common/core_math1.cc:405:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/free42-nologo-1.4.77/common/skin2cc.cc:111:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(skinfile[nskins], line);
data/free42-nologo-1.4.77/common/skin2cc.cc:118:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(skinname[nskins], line);
data/free42-nologo-1.4.77/common/skin2cc.cc:151:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, skinfile[i]);
data/free42-nologo-1.4.77/common/skin2cc.cc:176:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, skinfile[i]);
data/free42-nologo-1.4.77/common/skin2cc.cc:207:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, skinfile[i]);
data/free42-nologo-1.4.77/common/skin2cc.cc:232:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, skinfile[i]);
data/free42-nologo-1.4.77/gtk/shell_main.cc:339:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(appid, getpwuid(getuid())->pw_name);
data/free42-nologo-1.4.77/gtk/shell_main.cc:687:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) entry.macro, (const char *) macrobuf);
data/free42-nologo-1.4.77/gtk/shell_main.cc:950:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s2, s);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1089:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(export_file_name, filename);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1409:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, suffix);
data/free42-nologo-1.4.77/gtk/shell_main.cc:2207:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(print_gif_name, state.printerGifFileName);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:122:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state.skinName, name);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:133:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lbl, name);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:146:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state.skinName, name);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:286:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state.skinName, skin_name[0]);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:348:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(line + 4, " %s %d,%d,%d,%d %d,%d,%d,%d %d,%d",
data/free42-nologo-1.4.77/gtk/shell_main.cc:250:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *sar = getenv("SUGAR_ACTIVITY_ROOT");
data/free42-nologo-1.4.77/gtk/shell_main.cc:257:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home = getenv("HOME");
data/free42-nologo-1.4.77/common/bcd.h:188:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _buf[64];
data/free42-nologo-1.4.77/common/bcdfloat.cc:1092:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (isNan()) strcpy(p, "NaN");
data/free42-nologo-1.4.77/common/bcdfloat.cc:1096:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "Inf");
data/free42-nologo-1.4.77/common/bcdfloat.cc:1120:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (!i) sprintf(p, "%d", v);
data/free42-nologo-1.4.77/common/bcdfloat.cc:1121:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(p, "%04d", v);
data/free42-nologo-1.4.77/common/bcdfloat.cc:1133:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tb[8];
data/free42-nologo-1.4.77/common/bcdfloat.cc:1134:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tb, "%d", v);
data/free42-nologo-1.4.77/common/bcdfloat.cc:1174:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%04d", v);
data/free42-nologo-1.4.77/common/bcdfloat.cc:1194:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%c%d", CUSTOM_EXP_CHAR, e*4+eadj);
data/free42-nologo-1.4.77/common/bcdfloat.cc:1196:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "e%d", e*4+eadj);
data/free42-nologo-1.4.77/common/core_commands1.cc:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:368:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_commands2.cc:659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[44];
data/free42-nologo-1.4.77/common/core_commands2.cc:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[44];
data/free42-nologo-1.4.77/common/core_commands2.cc:1110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[32], rbuf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[32], rbuf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[8];
data/free42-nologo-1.4.77/common/core_commands2.cc:1393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[100];
data/free42-nologo-1.4.77/common/core_commands2.cc:1410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[13];
data/free42-nologo-1.4.77/common/core_commands3.cc:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[44];
data/free42-nologo-1.4.77/common/core_commands7.cc:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/free42-nologo-1.4.77/common/core_commands7.cc:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[14];
data/free42-nologo-1.4.77/common/core_commands7.cc:414:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_commands7.cc:594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_display.cc:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bigchars[130][5] =
data/free42-nologo-1.4.77/common/core_display.cc:178:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char smallchars[329] =
data/free42-nologo-1.4.77/common/core_display.cc:383:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char smallchars_map[128] =
data/free42-nologo-1.4.77/common/core_display.cc:521:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char display[272];
data/free42-nologo-1.4.77/common/core_display.cc:532:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char custommenu_label[3][6][7];
data/free42-nologo-1.4.77/common/core_display.cc:537:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char progmenu_label[6][7];
data/free42-nologo-1.4.77/common/core_display.cc:996:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[44];
data/free42-nologo-1.4.77/common/core_display.cc:1046:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_display.cc:1066:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/free42-nologo-1.4.77/common/core_display.cc:1079:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/free42-nologo-1.4.77/common/core_display.cc:1154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_display.cc:1602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/free42-nologo-1.4.77/common/core_display.cc:1624:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[44];
data/free42-nologo-1.4.77/common/core_display.cc:1991:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_globals.cc:535:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reg_alpha[44];
data/free42-nologo-1.4.77/common/core_globals.cc:558:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varmenu[7];
data/free42-nologo-1.4.77/common/core_globals.cc:562:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varmenu_labeltext[6][7];
data/free42-nologo-1.4.77/common/core_globals.cc:592:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entered_string[15];
data/free42-nologo-1.4.77/common/core_globals.cc:607:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char incomplete_str[7];
data/free42-nologo-1.4.77/common/core_globals.cc:612:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[100];
data/free42-nologo-1.4.77/common/core_globals.cc:618:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char matedit_name[7];
data/free42-nologo-1.4.77/common/core_globals.cc:626:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_name[11];
data/free42-nologo-1.4.77/common/core_globals.cc:1299:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
prgms[i].text = (unsigned char *) malloc(prgms[i].size);
data/free42-nologo-1.4.77/common/core_globals.cc:1823:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[100];
data/free42-nologo-1.4.77/common/core_globals.cc:1924:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[5];
data/free42-nologo-1.4.77/common/core_globals.cc:2392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1024];
data/free42-nologo-1.4.77/common/core_globals.cc:2695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[15];
data/free42-nologo-1.4.77/common/core_globals.cc:2709:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[15];
data/free42-nologo-1.4.77/common/core_globals.cc:2735:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[15];
data/free42-nologo-1.4.77/common/core_globals.h:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[7];
data/free42-nologo-1.4.77/common/core_globals.h:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[6];
data/free42-nologo-1.4.77/common/core_globals.h:276:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char reg_alpha[44];
data/free42-nologo-1.4.77/common/core_globals.h:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char farray[100];
data/free42-nologo-1.4.77/common/core_globals.h:366:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[7];
data/free42-nologo-1.4.77/common/core_globals.h:385:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[7];
data/free42-nologo-1.4.77/common/core_globals.h:398:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char varmenu[7];
data/free42-nologo-1.4.77/common/core_globals.h:402:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char varmenu_labeltext[6][7];
data/free42-nologo-1.4.77/common/core_globals.h:437:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char entered_string[15];
data/free42-nologo-1.4.77/common/core_globals.h:452:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char incomplete_str[7];
data/free42-nologo-1.4.77/common/core_globals.h:470:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char cmdline[100];
data/free42-nologo-1.4.77/common/core_globals.h:476:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char matedit_name[7];
data/free42-nologo-1.4.77/common/core_globals.h:484:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char input_name[11];
data/free42-nologo-1.4.77/common/core_helpers.cc:435:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/free42-nologo-1.4.77/common/core_helpers.cc:438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bitmap[162];
data/free42-nologo-1.4.77/common/core_helpers.cc:459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charbits[5];
data/free42-nologo-1.4.77/common/core_helpers.cc:502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_helpers.cc:539:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/free42-nologo-1.4.77/common/core_helpers.cc:571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_helpers.cc:960:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x_buf[22];
data/free42-nologo-1.4.77/common/core_helpers.cc:962:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char y_buf[22];
data/free42-nologo-1.4.77/common/core_helpers.cc:1075:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char allbuf[25];
data/free42-nologo-1.4.77/common/core_helpers.cc:1076:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char scibuf[25];
data/free42-nologo-1.4.77/common/core_keydown.cc:286:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_keydown.cc:1978:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[7];
data/free42-nologo-1.4.77/common/core_main.cc:424:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[12], rbuf[100];
data/free42-nologo-1.4.77/common/core_main.cc:617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[51];
data/free42-nologo-1.4.77/common/core_main.cc:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[25];
data/free42-nologo-1.4.77/common/core_main.cc:670:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/common/core_main.cc:729:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[52];
data/free42-nologo-1.4.77/common/core_main.cc:1540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/common/core_main.cc:1606:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numbuf[19];
data/free42-nologo-1.4.77/common/core_main.cc:1814:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[52];
data/free42-nologo-1.4.77/common/core_main.cc:1991:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/common/core_main.cc:2346:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prgm_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char active_prgm_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shadow_name[NUM_SHADOWS][7];
data/free42-nologo-1.4.77/common/core_math1.cc:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prgm_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char active_prgm_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_name[7];
data/free42-nologo-1.4.77/common/core_math1.cc:384:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[8], valbuf[22];
data/free42-nologo-1.4.77/common/core_math1.cc:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/free42-nologo-1.4.77/common/core_math1.cc:446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_math1.cc:933:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[22];
data/free42-nologo-1.4.77/common/core_phloat.cc:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[100];
data/free42-nologo-1.4.77/common/core_phloat.cc:752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_bcd_mantissa[20];
data/free42-nologo-1.4.77/common/core_phloat.cc:1305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mantissa[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
data/free42-nologo-1.4.77/common/core_phloat.cc:1574:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char binbuf[36];
data/free42-nologo-1.4.77/common/core_phloat.cc:1609:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bcd_mantissa[16] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
data/free42-nologo-1.4.77/common/core_phloat.cc:1683:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char norm_ip[12];
data/free42-nologo-1.4.77/common/core_phloat.cc:1684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char norm_fp[27];
data/free42-nologo-1.4.77/common/core_phloat.cc:1862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char norm_mantissa[16];
data/free42-nologo-1.4.77/common/core_phloat.h:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[6];
data/free42-nologo-1.4.77/common/core_tables.h:470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[15];
data/free42-nologo-1.4.77/common/core_tables.h:482:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12];
data/free42-nologo-1.4.77/common/keymap2cc.cc:57:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(KEYMAP_CC, "w");
data/free42-nologo-1.4.77/common/keymap2cc.cc:82:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen("keymap.txt", "rb");
data/free42-nologo-1.4.77/common/keymap2cc.cc:100:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen("keymap.txt", "rb");
data/free42-nologo-1.4.77/common/shell_loadimage.cc:342:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expanded[4096];
data/free42-nologo-1.4.77/common/shell_spool.cc:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/common/shell_spool.cc:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/free42-nologo-1.4.77/common/shell_spool.cc:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[29];
data/free42-nologo-1.4.77/common/skin2cc.cc:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/free42-nologo-1.4.77/common/skin2cc.cc:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skinname[100][256];
data/free42-nologo-1.4.77/common/skin2cc.cc:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skinfile[100][256];
data/free42-nologo-1.4.77/common/skin2cc.cc:64:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(SKINS_CC, "w");
data/free42-nologo-1.4.77/common/skin2cc.cc:93:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
conf = fopen(SKIN2CC_CONF, "r");
data/free42-nologo-1.4.77/common/skin2cc.cc:149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[1024];
data/free42-nologo-1.4.77/common/skin2cc.cc:150:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fname, "../");
data/free42-nologo-1.4.77/common/skin2cc.cc:152:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fname, ".layout");
data/free42-nologo-1.4.77/common/skin2cc.cc:153:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen(fname, "rb");
data/free42-nologo-1.4.77/common/skin2cc.cc:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[1024];
data/free42-nologo-1.4.77/common/skin2cc.cc:175:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fname, "../");
data/free42-nologo-1.4.77/common/skin2cc.cc:177:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fname, ".layout");
data/free42-nologo-1.4.77/common/skin2cc.cc:178:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen(fname, "rb");
data/free42-nologo-1.4.77/common/skin2cc.cc:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[1024];
data/free42-nologo-1.4.77/common/skin2cc.cc:206:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fname, "../");
data/free42-nologo-1.4.77/common/skin2cc.cc:208:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fname, ".gif");
data/free42-nologo-1.4.77/common/skin2cc.cc:209:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen(fname, "rb");
data/free42-nologo-1.4.77/common/skin2cc.cc:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[1024];
data/free42-nologo-1.4.77/common/skin2cc.cc:231:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fname, "../");
data/free42-nologo-1.4.77/common/skin2cc.cc:233:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fname, ".gif");
data/free42-nologo-1.4.77/common/skin2cc.cc:234:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inp = fopen(fname, "rb");
data/free42-nologo-1.4.77/gtk/shell_main.cc:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char free42dirname[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char print_gif_name[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:98:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char export_file_name[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:117:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char statefilename[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:118:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char printfilename[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keymapfilename[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:263:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldpath[FILENAMELEN], newpath[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:310:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
statefile = fopen(statefilename, "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:438:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *list[1];
data/free42-nologo-1.4.77/gtk/shell_main.cc:450:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *list[2];
data/free42-nologo-1.4.77/gtk/shell_main.cc:451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pidstr[11];
data/free42-nologo-1.4.77/gtk/shell_main.cc:452:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pidstr, "%u", getpid());
data/free42-nologo-1.4.77/gtk/shell_main.cc:474:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *printfile = fopen(printfilename, "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:539:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *list[1];
data/free42-nologo-1.4.77/gtk/shell_main.cc:572:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *apm = fopen("/proc/apm", "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:631:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char macrobuf[KEYMAP_MAX_MACRO_LENGTH + 1];
data/free42-nologo-1.4.77/gtk/shell_main.cc:694:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *keymapfile = fopen(keymapfilename, "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:696:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/free42-nologo-1.4.77/gtk/shell_main.cc:705:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keymapfile = fopen(keymapfilename, "wb");
data/free42-nologo-1.4.77/gtk/shell_main.cc:719:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keymapfile = fopen(keymapfilename, "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:734:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keymap + (keymap_length++), entry, sizeof(keymap_entry));
data/free42-nologo-1.4.77/gtk/shell_main.cc:840:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/free42-nologo-1.4.77/gtk/shell_main.cc:858:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
printfile = fopen(printfilename, "w");
data/free42-nologo-1.4.77/gtk/shell_main.cc:921:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
statefile = fopen(statefilename, "w");
data/free42-nologo-1.4.77/gtk/shell_main.cc:1049:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1097:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1112:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
export_file = fopen(export_file_name, "w");
data/free42-nologo-1.4.77/gtk/shell_main.cc:1115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filenamebuf[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1211:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
import_file = fopen(filenamebuf, "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:1213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filenamebuf[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maxlen[6];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1413:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1737:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char macrobuf[1024];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1890:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1910:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:1925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:2026:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *meminfo = fopen("/proc/meminfo", "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:2027:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/free42-nologo-1.4.77/gtk/shell_main.cc:2054:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *apm = fopen("/proc/apm", "r");
data/free42-nologo-1.4.77/gtk/shell_main.cc:2055:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/free42-nologo-1.4.77/gtk/shell_main.cc:2170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:2173:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
print_txt = fopen(state.printerTxtFileName, "a");
data/free42-nologo-1.4.77/gtk/shell_main.cc:2192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.cc:2230:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(print_gif_name, ".gif");
data/free42-nologo-1.4.77/gtk/shell_main.cc:2235:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
print_gif = fopen(print_gif_name, "w+");
data/free42-nologo-1.4.77/gtk/shell_main.cc:2266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/free42-nologo-1.4.77/gtk/shell_main.h:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printerTxtFileName[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.h:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printerGifFileName[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.h:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skinName[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.h:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char free42dirname[FILENAMELEN];
data/free42-nologo-1.4.77/gtk/shell_main.h:56:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char macro[KEYMAP_MAX_MACRO_LENGTH + 1];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char macro[SKIN_MAX_MACRO_LENGTH + 1];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char skin_label_buf[1024];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[1024];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:176:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
external_file = fopen(namebuf, "r");
data/free42-nologo-1.4.77/gtk/shell_skin.cc:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *skinname[100];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(skn, dent->d_name, namelen - 7);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:343:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keynumbuf[20];
data/free42-nologo-1.4.77/gtk/shell_skin.cc:445:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keymap + (keymap_length++), entry, sizeof(keymap_entry));
data/free42-nologo-1.4.77/common/bcd.h:175:44: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
{ return BCDFloat::equal(&a._v, &b._v); }
data/free42-nologo-1.4.77/common/bcd.h:177:45: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
{ return !BCDFloat::equal(&a._v, &b._v); }
data/free42-nologo-1.4.77/common/bcd2.h:169:45: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
{ return BCDFloat2::equal(&a._v, &b._v); }
data/free42-nologo-1.4.77/common/bcd2.h:171:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
{ return !BCDFloat2::equal(&a._v, &b._v); }
data/free42-nologo-1.4.77/common/bcdfloat.h:281:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static bool equal(const BCDFloat* a, const BCDFloat* b)
data/free42-nologo-1.4.77/common/bcdfloat2.h:161:25: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static bool equal(const BCDFloat2* a, const BCDFloat2* b)
data/free42-nologo-1.4.77/common/core_commands1.cc:691:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal)
data/free42-nologo-1.4.77/common/core_math1.cc:406:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/free42-nologo-1.4.77/common/core_math1.cc:408:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p.bcd.asString(buf + strlen(buf));
data/free42-nologo-1.4.77/common/core_math1.cc:409:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/free42-nologo-1.4.77/common/core_phloat.cc:175:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return BCDFloat::equal(&bcd, &p.bcd);
data/free42-nologo-1.4.77/common/core_phloat.cc:180:23: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return !BCDFloat::equal(&bcd, &p.bcd);
data/free42-nologo-1.4.77/common/core_phloat.cc:556:16: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (BCDFloat::equal(&y.bcd, &by)) {
data/free42-nologo-1.4.77/common/core_phloat.cc:608:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return BCDFloat::equal(&bx, &y.bcd);
data/free42-nologo-1.4.77/common/core_sto_rcl.cc:596:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal)
data/free42-nologo-1.4.77/common/keymap2cc.cc:36:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(file)) != EOF) {
data/free42-nologo-1.4.77/common/skin2cc.cc:38:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(file)) != EOF) {
data/free42-nologo-1.4.77/common/skin2cc.cc:108:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/free42-nologo-1.4.77/common/skin2cc.cc:115:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/free42-nologo-1.4.77/gtk/audio_alsa.cc:372:19: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if(duration > 0) usleep(duration * 1000);
data/free42-nologo-1.4.77/gtk/shell_main.cc:314:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(state.skinName, skin_arg, FILENAMELEN - 1);
data/free42-nologo-1.4.77/gtk/shell_main.cc:338:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(appid, "|");
data/free42-nologo-1.4.77/gtk/shell_main.cc:841:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(pype[0], buf, 1) == 1)
data/free42-nologo-1.4.77/gtk/shell_main.cc:948:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s2 = (char *) malloc(strlen(s) + 1);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1058:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p) + 1;
data/free42-nologo-1.4.77/gtk/shell_main.cc:1162:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(p);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1167:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(p);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1202:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filenamebuf, filename, FILENAMELEN);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1263:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filenamebuf, filename, FILENAMELEN);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1369:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(state.printerTxtFileName, s, FILENAMELEN);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1381:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(state.printerGifFileName, s, FILENAMELEN);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1404:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(path);
data/free42-nologo-1.4.77/gtk/shell_main.cc:1405:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int slen = strlen(suffix);
data/free42-nologo-1.4.77/gtk/shell_main.cc:2208:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(print_gif_name);
data/free42-nologo-1.4.77/gtk/shell_main.cc:2228:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = strlen(print_gif_name);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:134:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
skin_label_pos += strlen(name) + 1;
data/free42-nologo-1.4.77/gtk/shell_skin.cc:182:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return fgetc(external_file);
data/free42-nologo-1.4.77/gtk/shell_skin.cc:247:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int namelen = strlen(dent->d_name);
ANALYSIS SUMMARY:
Hits = 267
Lines analyzed = 41962 in approximately 0.99 seconds (42408 lines/second)
Physical Source Lines of Code (SLOC) = 34287
Hits@level = [0] 161 [1] 38 [2] 203 [3] 2 [4] 18 [5] 6
Hits@level+ = [0+] 428 [1+] 267 [2+] 229 [3+] 26 [4+] 24 [5+] 6
Hits/KSLOC@level+ = [0+] 12.4829 [1+] 7.78721 [2+] 6.67892 [3+] 0.758305 [4+] 0.699974 [5+] 0.174993
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.