Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gnupg2-2.2.20/g10/progress.c
Examining data/gnupg2-2.2.20/g10/gpg.h
Examining data/gnupg2-2.2.20/g10/packet.h
Examining data/gnupg2-2.2.20/g10/dek.h
Examining data/gnupg2-2.2.20/g10/dearmor.c
Examining data/gnupg2-2.2.20/g10/mainproc.c
Examining data/gnupg2-2.2.20/g10/getkey.c
Examining data/gnupg2-2.2.20/g10/exec.h
Examining data/gnupg2-2.2.20/g10/keydb.h
Examining data/gnupg2-2.2.20/g10/keyring.c
Examining data/gnupg2-2.2.20/g10/call-dirmngr.c
Examining data/gnupg2-2.2.20/g10/armor.c
Examining data/gnupg2-2.2.20/g10/gpgv.c
Examining data/gnupg2-2.2.20/g10/keyedit.h
Examining data/gnupg2-2.2.20/g10/cpr.c
Examining data/gnupg2-2.2.20/g10/card-util.c
Examining data/gnupg2-2.2.20/g10/cipher.c
Examining data/gnupg2-2.2.20/g10/t-rmd160.c
Examining data/gnupg2-2.2.20/g10/tdbdump.c
Examining data/gnupg2-2.2.20/g10/t-keydb-get-keyblock.c
Examining data/gnupg2-2.2.20/g10/plaintext.c
Examining data/gnupg2-2.2.20/g10/sign.c
Examining data/gnupg2-2.2.20/g10/gpgcompose.c
Examining data/gnupg2-2.2.20/g10/keylist.c
Examining data/gnupg2-2.2.20/g10/photoid.c
Examining data/gnupg2-2.2.20/g10/rmd160.h
Examining data/gnupg2-2.2.20/g10/keyring.h
Examining data/gnupg2-2.2.20/g10/helptext.c
Examining data/gnupg2-2.2.20/g10/keydb.c
Examining data/gnupg2-2.2.20/g10/compress-bz2.c
Examining data/gnupg2-2.2.20/g10/trustdb.c
Examining data/gnupg2-2.2.20/g10/key-check.c
Examining data/gnupg2-2.2.20/g10/call-dirmngr.h
Examining data/gnupg2-2.2.20/g10/skclist.c
Examining data/gnupg2-2.2.20/g10/key-check.h
Examining data/gnupg2-2.2.20/g10/keyedit.c
Examining data/gnupg2-2.2.20/g10/keyserver.c
Examining data/gnupg2-2.2.20/g10/delkey.c
Examining data/gnupg2-2.2.20/g10/sig-check.c
Examining data/gnupg2-2.2.20/g10/filter.h
Examining data/gnupg2-2.2.20/g10/exec.c
Examining data/gnupg2-2.2.20/g10/tofu.h
Examining data/gnupg2-2.2.20/g10/server.c
Examining data/gnupg2-2.2.20/g10/gpgsql.h
Examining data/gnupg2-2.2.20/g10/photoid.h
Examining data/gnupg2-2.2.20/g10/export.c
Examining data/gnupg2-2.2.20/g10/compress.c
Examining data/gnupg2-2.2.20/g10/textfilter.c
Examining data/gnupg2-2.2.20/g10/kbnode.c
Examining data/gnupg2-2.2.20/g10/passphrase.c
Examining data/gnupg2-2.2.20/g10/migrate.c
Examining data/gnupg2-2.2.20/g10/tdbio.c
Examining data/gnupg2-2.2.20/g10/seskey.c
Examining data/gnupg2-2.2.20/g10/trust.c
Examining data/gnupg2-2.2.20/g10/openfile.c
Examining data/gnupg2-2.2.20/g10/key-clean.c
Examining data/gnupg2-2.2.20/g10/parse-packet.c
Examining data/gnupg2-2.2.20/g10/keyserver-internal.h
Examining data/gnupg2-2.2.20/g10/encrypt.c
Examining data/gnupg2-2.2.20/g10/t-keydb.c
Examining data/gnupg2-2.2.20/g10/rmd160.c
Examining data/gnupg2-2.2.20/g10/pkglue.c
Examining data/gnupg2-2.2.20/g10/decrypt.c
Examining data/gnupg2-2.2.20/g10/test-stubs.c
Examining data/gnupg2-2.2.20/g10/ecdh.c
Examining data/gnupg2-2.2.20/g10/verify.c
Examining data/gnupg2-2.2.20/g10/t-stutter.c
Examining data/gnupg2-2.2.20/g10/key-clean.h
Examining data/gnupg2-2.2.20/g10/revoke.c
Examining data/gnupg2-2.2.20/g10/call-agent.h
Examining data/gnupg2-2.2.20/g10/pubkey-enc.c
Examining data/gnupg2-2.2.20/g10/decrypt-data.c
Examining data/gnupg2-2.2.20/g10/mdfilter.c
Examining data/gnupg2-2.2.20/g10/build-packet.c
Examining data/gnupg2-2.2.20/g10/pkglue.h
Examining data/gnupg2-2.2.20/g10/gpgsql.c
Examining data/gnupg2-2.2.20/g10/call-agent.c
Examining data/gnupg2-2.2.20/g10/trustdb.h
Examining data/gnupg2-2.2.20/g10/free-packet.c
Examining data/gnupg2-2.2.20/g10/pkclist.c
Examining data/gnupg2-2.2.20/g10/tdbio.h
Examining data/gnupg2-2.2.20/g10/options.h
Examining data/gnupg2-2.2.20/g10/test.c
Examining data/gnupg2-2.2.20/g10/tofu.c
Examining data/gnupg2-2.2.20/g10/keyid.c
Examining data/gnupg2-2.2.20/g10/main.h
Examining data/gnupg2-2.2.20/g10/misc.c
Examining data/gnupg2-2.2.20/g10/keygen.c
Examining data/gnupg2-2.2.20/g10/import.c
Examining data/gnupg2-2.2.20/g10/gpg.c
Examining data/gnupg2-2.2.20/agent/findkey.c
Examining data/gnupg2-2.2.20/agent/call-pinentry.c
Examining data/gnupg2-2.2.20/agent/pksign.c
Examining data/gnupg2-2.2.20/agent/command-ssh.c
Examining data/gnupg2-2.2.20/agent/trustlist.c
Examining data/gnupg2-2.2.20/agent/cvt-openpgp.h
Examining data/gnupg2-2.2.20/agent/divert-scd.c
Examining data/gnupg2-2.2.20/agent/cache.c
Examining data/gnupg2-2.2.20/agent/protect-tool.c
Examining data/gnupg2-2.2.20/agent/cvt-openpgp.c
Examining data/gnupg2-2.2.20/agent/preset-passphrase.c
Examining data/gnupg2-2.2.20/agent/t-protect.c
Examining data/gnupg2-2.2.20/agent/genkey.c
Examining data/gnupg2-2.2.20/agent/protect.c
Examining data/gnupg2-2.2.20/agent/pkdecrypt.c
Examining data/gnupg2-2.2.20/agent/learncard.c
Examining data/gnupg2-2.2.20/agent/trans.c
Examining data/gnupg2-2.2.20/agent/agent.h
Examining data/gnupg2-2.2.20/agent/call-scd.c
Examining data/gnupg2-2.2.20/agent/gpg-agent.c
Examining data/gnupg2-2.2.20/agent/command.c
Examining data/gnupg2-2.2.20/scd/ccid-driver.c
Examining data/gnupg2-2.2.20/scd/app-geldkarte.c
Examining data/gnupg2-2.2.20/scd/iso7816.c
Examining data/gnupg2-2.2.20/scd/app-sc-hsm.c
Examining data/gnupg2-2.2.20/scd/app.c
Examining data/gnupg2-2.2.20/scd/ccid-driver.h
Examining data/gnupg2-2.2.20/scd/atr.c
Examining data/gnupg2-2.2.20/scd/apdu.c
Examining data/gnupg2-2.2.20/scd/iso7816.h
Examining data/gnupg2-2.2.20/scd/atr.h
Examining data/gnupg2-2.2.20/scd/app-dinsig.c
Examining data/gnupg2-2.2.20/scd/scdaemon.h
Examining data/gnupg2-2.2.20/scd/command.c
Examining data/gnupg2-2.2.20/scd/app-common.h
Examining data/gnupg2-2.2.20/scd/app-openpgp.c
Examining data/gnupg2-2.2.20/scd/app-p15.c
Examining data/gnupg2-2.2.20/scd/app-help.c
Examining data/gnupg2-2.2.20/scd/apdu.h
Examining data/gnupg2-2.2.20/scd/app-nks.c
Examining data/gnupg2-2.2.20/scd/scdaemon.c
Examining data/gnupg2-2.2.20/sm/delete.c
Examining data/gnupg2-2.2.20/sm/misc.c
Examining data/gnupg2-2.2.20/sm/minip12.c
Examining data/gnupg2-2.2.20/sm/keydb.h
Examining data/gnupg2-2.2.20/sm/call-dirmngr.c
Examining data/gnupg2-2.2.20/sm/certreqgen.c
Examining data/gnupg2-2.2.20/sm/certreqgen-ui.c
Examining data/gnupg2-2.2.20/sm/certchain.c
Examining data/gnupg2-2.2.20/sm/gpgsm.h
Examining data/gnupg2-2.2.20/sm/sign.c
Examining data/gnupg2-2.2.20/sm/keylist.c
Examining data/gnupg2-2.2.20/sm/keydb.c
Examining data/gnupg2-2.2.20/sm/certcheck.c
Examining data/gnupg2-2.2.20/sm/certlist.c
Examining data/gnupg2-2.2.20/sm/passphrase.h
Examining data/gnupg2-2.2.20/sm/gpgsm.c
Examining data/gnupg2-2.2.20/sm/server.c
Examining data/gnupg2-2.2.20/sm/export.c
Examining data/gnupg2-2.2.20/sm/passphrase.c
Examining data/gnupg2-2.2.20/sm/fingerprint.c
Examining data/gnupg2-2.2.20/sm/certdump.c
Examining data/gnupg2-2.2.20/sm/encrypt.c
Examining data/gnupg2-2.2.20/sm/decrypt.c
Examining data/gnupg2-2.2.20/sm/minip12.h
Examining data/gnupg2-2.2.20/sm/verify.c
Examining data/gnupg2-2.2.20/sm/call-agent.c
Examining data/gnupg2-2.2.20/sm/qualified.c
Examining data/gnupg2-2.2.20/sm/import.c
Examining data/gnupg2-2.2.20/tools/gpgtar.c
Examining data/gnupg2-2.2.20/tools/gpgtar-extract.c
Examining data/gnupg2-2.2.20/tools/gpg-wks.h
Examining data/gnupg2-2.2.20/tools/call-dirmngr.c
Examining data/gnupg2-2.2.20/tools/mime-parser.c
Examining data/gnupg2-2.2.20/tools/gpg-wks-client.c
Examining data/gnupg2-2.2.20/tools/call-dirmngr.h
Examining data/gnupg2-2.2.20/tools/gpgtar-create.c
Examining data/gnupg2-2.2.20/tools/mime-parser.h
Examining data/gnupg2-2.2.20/tools/mime-maker.h
Examining data/gnupg2-2.2.20/tools/rfc822parse.c
Examining data/gnupg2-2.2.20/tools/rfc822parse.h
Examining data/gnupg2-2.2.20/tools/gpgconf-comp.c
Examining data/gnupg2-2.2.20/tools/gpg-connect-agent.c
Examining data/gnupg2-2.2.20/tools/gpgtar-list.c
Examining data/gnupg2-2.2.20/tools/wks-util.c
Examining data/gnupg2-2.2.20/tools/gpgtar.h
Examining data/gnupg2-2.2.20/tools/no-libgcrypt.c
Examining data/gnupg2-2.2.20/tools/gpg-check-pattern.c
Examining data/gnupg2-2.2.20/tools/gpgconf.c
Examining data/gnupg2-2.2.20/tools/gpgsplit.c
Examining data/gnupg2-2.2.20/tools/mime-maker.c
Examining data/gnupg2-2.2.20/tools/make-dns-cert.c
Examining data/gnupg2-2.2.20/tools/clean-sat.c
Examining data/gnupg2-2.2.20/tools/wks-receive.c
Examining data/gnupg2-2.2.20/tools/symcryptrun.c
Examining data/gnupg2-2.2.20/tools/send-mail.c
Examining data/gnupg2-2.2.20/tools/gpgparsemail.c
Examining data/gnupg2-2.2.20/tools/gpgconf.h
Examining data/gnupg2-2.2.20/tools/ccidmon.c
Examining data/gnupg2-2.2.20/tools/send-mail.h
Examining data/gnupg2-2.2.20/tools/sockprox.c
Examining data/gnupg2-2.2.20/tools/watchgnupg.c
Examining data/gnupg2-2.2.20/tools/gpg-wks-server.c
Examining data/gnupg2-2.2.20/dirmngr/ldap-wrapper.h
Examining data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c
Examining data/gnupg2-2.2.20/dirmngr/http-common.c
Examining data/gnupg2-2.2.20/dirmngr/ocsp.c
Examining data/gnupg2-2.2.20/dirmngr/misc.c
Examining data/gnupg2-2.2.20/dirmngr/cdblib.c
Examining data/gnupg2-2.2.20/dirmngr/ldapserver.h
Examining data/gnupg2-2.2.20/dirmngr/dns-stuff.h
Examining data/gnupg2-2.2.20/dirmngr/crlfetch.h
Examining data/gnupg2-2.2.20/dirmngr/validate.h
Examining data/gnupg2-2.2.20/dirmngr/ks-action.h
Examining data/gnupg2-2.2.20/dirmngr/dns.c
Examining data/gnupg2-2.2.20/dirmngr/ks-engine-finger.c
Examining data/gnupg2-2.2.20/dirmngr/ldap-url.h
Examining data/gnupg2-2.2.20/dirmngr/ocsp.h
Examining data/gnupg2-2.2.20/dirmngr/ldap-wrapper.c
Examining data/gnupg2-2.2.20/dirmngr/domaininfo.c
Examining data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c
Examining data/gnupg2-2.2.20/dirmngr/ks-engine.h
Examining data/gnupg2-2.2.20/dirmngr/cdb.h
Examining data/gnupg2-2.2.20/dirmngr/w32-ldap-help.h
Examining data/gnupg2-2.2.20/dirmngr/t-dns-stuff.c
Examining data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.h
Examining data/gnupg2-2.2.20/dirmngr/http.h
Examining data/gnupg2-2.2.20/dirmngr/certcache.h
Examining data/gnupg2-2.2.20/dirmngr/ldap.c
Examining data/gnupg2-2.2.20/dirmngr/ldapserver.c
Examining data/gnupg2-2.2.20/dirmngr/t-ldap-parse-uri.c
Examining data/gnupg2-2.2.20/dirmngr/server.c
Examining data/gnupg2-2.2.20/dirmngr/dns.h
Examining data/gnupg2-2.2.20/dirmngr/ks-action.c
Examining data/gnupg2-2.2.20/dirmngr/workqueue.c
Examining data/gnupg2-2.2.20/dirmngr/dirmngr-status.h
Examining data/gnupg2-2.2.20/dirmngr/crlcache.c
Examining data/gnupg2-2.2.20/dirmngr/http-ntbtls.c
Examining data/gnupg2-2.2.20/dirmngr/http-common.h
Examining data/gnupg2-2.2.20/dirmngr/ldap-url.c
Examining data/gnupg2-2.2.20/dirmngr/validate.c
Examining data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c
Examining data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c
Examining data/gnupg2-2.2.20/dirmngr/ks-engine-kdns.c
Examining data/gnupg2-2.2.20/dirmngr/t-http.c
Examining data/gnupg2-2.2.20/dirmngr/misc.h
Examining data/gnupg2-2.2.20/dirmngr/loadswdb.c
Examining data/gnupg2-2.2.20/dirmngr/t-http-basic.c
Examining data/gnupg2-2.2.20/dirmngr/t-support.h
Examining data/gnupg2-2.2.20/dirmngr/dns-stuff.c
Examining data/gnupg2-2.2.20/dirmngr/crlcache.h
Examining data/gnupg2-2.2.20/dirmngr/ks-engine-http.c
Examining data/gnupg2-2.2.20/dirmngr/t-support.c
Examining data/gnupg2-2.2.20/dirmngr/crlfetch.c
Examining data/gnupg2-2.2.20/dirmngr/dirmngr-client.c
Examining data/gnupg2-2.2.20/dirmngr/certcache.c
Examining data/gnupg2-2.2.20/dirmngr/dirmngr-err.h
Examining data/gnupg2-2.2.20/dirmngr/dirmngr.h
Examining data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c
Examining data/gnupg2-2.2.20/dirmngr/dirmngr.c
Examining data/gnupg2-2.2.20/dirmngr/http.c
Examining data/gnupg2-2.2.20/kbx/keybox-search.c
Examining data/gnupg2-2.2.20/kbx/keybox-openpgp.c
Examining data/gnupg2-2.2.20/kbx/kbxutil.c
Examining data/gnupg2-2.2.20/kbx/keybox-util.c
Examining data/gnupg2-2.2.20/kbx/keybox.h
Examining data/gnupg2-2.2.20/kbx/keybox-search-desc.h
Examining data/gnupg2-2.2.20/kbx/keybox-init.c
Examining data/gnupg2-2.2.20/kbx/keybox-dump.c
Examining data/gnupg2-2.2.20/kbx/keybox-blob.c
Examining data/gnupg2-2.2.20/kbx/keybox-file.c
Examining data/gnupg2-2.2.20/kbx/keybox-update.c
Examining data/gnupg2-2.2.20/kbx/keybox-defs.h
Examining data/gnupg2-2.2.20/tests/gpgscm/scheme-private.h
Examining data/gnupg2-2.2.20/tests/gpgscm/ffi.c
Examining data/gnupg2-2.2.20/tests/gpgscm/ffi.h
Examining data/gnupg2-2.2.20/tests/gpgscm/t-child.c
Examining data/gnupg2-2.2.20/tests/gpgscm/scheme-config.h
Examining data/gnupg2-2.2.20/tests/gpgscm/small-integers.h
Examining data/gnupg2-2.2.20/tests/gpgscm/opdefines.h
Examining data/gnupg2-2.2.20/tests/gpgscm/ffi-private.h
Examining data/gnupg2-2.2.20/tests/gpgscm/scheme.h
Examining data/gnupg2-2.2.20/tests/gpgscm/scheme.c
Examining data/gnupg2-2.2.20/tests/gpgscm/private.h
Examining data/gnupg2-2.2.20/tests/gpgscm/main.c
Examining data/gnupg2-2.2.20/tests/asschk.c
Examining data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c
Examining data/gnupg2-2.2.20/g13/sh-cmd.c
Examining data/gnupg2-2.2.20/g13/g13-common.c
Examining data/gnupg2-2.2.20/g13/g13-syshelp.c
Examining data/gnupg2-2.2.20/g13/be-truecrypt.h
Examining data/gnupg2-2.2.20/g13/keyblob.c
Examining data/gnupg2-2.2.20/g13/sh-dmcrypt.c
Examining data/gnupg2-2.2.20/g13/g13tuple.h
Examining data/gnupg2-2.2.20/g13/t-g13tuple.c
Examining data/gnupg2-2.2.20/g13/be-encfs.h
Examining data/gnupg2-2.2.20/g13/mountinfo.c
Examining data/gnupg2-2.2.20/g13/runner.c
Examining data/gnupg2-2.2.20/g13/backend.c
Examining data/gnupg2-2.2.20/g13/runner.h
Examining data/gnupg2-2.2.20/g13/call-syshelp.h
Examining data/gnupg2-2.2.20/g13/g13-syshelp.h
Examining data/gnupg2-2.2.20/g13/call-syshelp.c
Examining data/gnupg2-2.2.20/g13/create.h
Examining data/gnupg2-2.2.20/g13/server.c
Examining data/gnupg2-2.2.20/g13/mount.h
Examining data/gnupg2-2.2.20/g13/keyblob.h
Examining data/gnupg2-2.2.20/g13/sh-blockdev.c
Examining data/gnupg2-2.2.20/g13/mount.c
Examining data/gnupg2-2.2.20/g13/mountinfo.h
Examining data/gnupg2-2.2.20/g13/backend.h
Examining data/gnupg2-2.2.20/g13/create.c
Examining data/gnupg2-2.2.20/g13/server.h
Examining data/gnupg2-2.2.20/g13/suspend.h
Examining data/gnupg2-2.2.20/g13/suspend.c
Examining data/gnupg2-2.2.20/g13/g13-common.h
Examining data/gnupg2-2.2.20/g13/g13tuple.c
Examining data/gnupg2-2.2.20/g13/g13.h
Examining data/gnupg2-2.2.20/g13/be-truecrypt.c
Examining data/gnupg2-2.2.20/g13/be-encfs.c
Examining data/gnupg2-2.2.20/g13/be-dmcrypt.h
Examining data/gnupg2-2.2.20/g13/g13.c
Examining data/gnupg2-2.2.20/g13/be-dmcrypt.c
Examining data/gnupg2-2.2.20/doc/mkdefsinc.c
Examining data/gnupg2-2.2.20/doc/yat2m.c
Examining data/gnupg2-2.2.20/build-aux/speedo/w32/exdll.h
Examining data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c
Examining data/gnupg2-2.2.20/common/call-gpg.h
Examining data/gnupg2-2.2.20/common/compliance.c
Examining data/gnupg2-2.2.20/common/b64enc.c
Examining data/gnupg2-2.2.20/common/ttyio.c
Examining data/gnupg2-2.2.20/common/iobuf.c
Examining data/gnupg2-2.2.20/common/gc-opt-flags.h
Examining data/gnupg2-2.2.20/common/status.h
Examining data/gnupg2-2.2.20/common/call-gpg.c
Examining data/gnupg2-2.2.20/common/common-defs.h
Examining data/gnupg2-2.2.20/common/dotlock.h
Examining data/gnupg2-2.2.20/common/t-stringhelp.c
Examining data/gnupg2-2.2.20/common/init.h
Examining data/gnupg2-2.2.20/common/logging.h
Examining data/gnupg2-2.2.20/common/exechelp-posix.c
Examining data/gnupg2-2.2.20/common/ccparray.h
Examining data/gnupg2-2.2.20/common/mkdir_p.h
Examining data/gnupg2-2.2.20/common/keyserver.h
Examining data/gnupg2-2.2.20/common/status.c
Examining data/gnupg2-2.2.20/common/argparse.h
Examining data/gnupg2-2.2.20/common/types.h
Examining data/gnupg2-2.2.20/common/t-mbox-util.c
Examining data/gnupg2-2.2.20/common/gettime.h
Examining data/gnupg2-2.2.20/common/mischelp.c
Examining data/gnupg2-2.2.20/common/ssh-utils.h
Examining data/gnupg2-2.2.20/common/t-strlist.c
Examining data/gnupg2-2.2.20/common/membuf.c
Examining data/gnupg2-2.2.20/common/t-openpgp-oid.c
Examining data/gnupg2-2.2.20/common/strlist.c
Examining data/gnupg2-2.2.20/common/t-sexputil.c
Examining data/gnupg2-2.2.20/common/dotlock.c
Examining data/gnupg2-2.2.20/common/openpgp-oid.c
Examining data/gnupg2-2.2.20/common/stringhelp.h
Examining data/gnupg2-2.2.20/common/init.c
Examining data/gnupg2-2.2.20/common/t-sysutils.c
Examining data/gnupg2-2.2.20/common/yesno.c
Examining data/gnupg2-2.2.20/common/util.h
Examining data/gnupg2-2.2.20/common/name-value.c
Examining data/gnupg2-2.2.20/common/homedir.c
Examining data/gnupg2-2.2.20/common/i18n.h
Examining data/gnupg2-2.2.20/common/audit.h
Examining data/gnupg2-2.2.20/common/userids.c
Examining data/gnupg2-2.2.20/common/t-mapstrings.c
Examining data/gnupg2-2.2.20/common/t-zb32.c
Examining data/gnupg2-2.2.20/common/mapstrings.c
Examining data/gnupg2-2.2.20/common/audit-events.h
Examining data/gnupg2-2.2.20/common/exechelp-w32.c
Examining data/gnupg2-2.2.20/common/mischelp.h
Examining data/gnupg2-2.2.20/common/shareddefs.h
Examining data/gnupg2-2.2.20/common/t-percent.c
Examining data/gnupg2-2.2.20/common/dynload.h
Examining data/gnupg2-2.2.20/common/xasprintf.c
Examining data/gnupg2-2.2.20/common/sexputil.c
Examining data/gnupg2-2.2.20/common/gettime.c
Examining data/gnupg2-2.2.20/common/ksba-io-support.c
Examining data/gnupg2-2.2.20/common/get-passphrase.c
Examining data/gnupg2-2.2.20/common/t-gettime.c
Examining data/gnupg2-2.2.20/common/t-session-env.c
Examining data/gnupg2-2.2.20/common/recsel.h
Examining data/gnupg2-2.2.20/common/miscellaneous.c
Examining data/gnupg2-2.2.20/common/mbox-util.c
Examining data/gnupg2-2.2.20/common/fwddecl.h
Examining data/gnupg2-2.2.20/common/userids.h
Examining data/gnupg2-2.2.20/common/t-exectool.c
Examining data/gnupg2-2.2.20/common/exechelp.h
Examining data/gnupg2-2.2.20/common/agent-opt.c
Examining data/gnupg2-2.2.20/common/server-help.c
Examining data/gnupg2-2.2.20/common/t-timestuff.c
Examining data/gnupg2-2.2.20/common/status-codes.h
Examining data/gnupg2-2.2.20/common/t-helpfile.c
Examining data/gnupg2-2.2.20/common/w32-reg.c
Examining data/gnupg2-2.2.20/common/tlv.c
Examining data/gnupg2-2.2.20/common/argparse.c
Examining data/gnupg2-2.2.20/common/sexp-parse.h
Examining data/gnupg2-2.2.20/common/simple-pwquery.h
Examining data/gnupg2-2.2.20/common/ssh-utils.c
Examining data/gnupg2-2.2.20/common/asshelp2.c
Examining data/gnupg2-2.2.20/common/gpgrlhelp.c
Examining data/gnupg2-2.2.20/common/simple-pwquery.c
Examining data/gnupg2-2.2.20/common/t-exechelp.c
Examining data/gnupg2-2.2.20/common/recsel.c
Examining data/gnupg2-2.2.20/common/exectool.h
Examining data/gnupg2-2.2.20/common/localename.c
Examining data/gnupg2-2.2.20/common/b64dec.c
Examining data/gnupg2-2.2.20/common/name-value.h
Examining data/gnupg2-2.2.20/common/stringhelp.c
Examining data/gnupg2-2.2.20/common/t-ccparray.c
Examining data/gnupg2-2.2.20/common/sysutils.h
Examining data/gnupg2-2.2.20/common/host2net.h
Examining data/gnupg2-2.2.20/common/get-passphrase.h
Examining data/gnupg2-2.2.20/common/t-name-value.c
Examining data/gnupg2-2.2.20/common/mkdir_p.c
Examining data/gnupg2-2.2.20/common/convert.c
Examining data/gnupg2-2.2.20/common/helpfile.c
Examining data/gnupg2-2.2.20/common/w32help.h
Examining data/gnupg2-2.2.20/common/session-env.c
Examining data/gnupg2-2.2.20/common/t-ssh-utils.c
Examining data/gnupg2-2.2.20/common/exechelp-w32ce.c
Examining data/gnupg2-2.2.20/common/xreadline.c
Examining data/gnupg2-2.2.20/common/server-help.h
Examining data/gnupg2-2.2.20/common/ttyio.h
Examining data/gnupg2-2.2.20/common/i18n.c
Examining data/gnupg2-2.2.20/common/membuf.h
Examining data/gnupg2-2.2.20/common/strlist.h
Examining data/gnupg2-2.2.20/common/mbox-util.h
Examining data/gnupg2-2.2.20/common/logging.c
Examining data/gnupg2-2.2.20/common/session-env.h
Examining data/gnupg2-2.2.20/common/iobuf.h
Examining data/gnupg2-2.2.20/common/utilproto.h
Examining data/gnupg2-2.2.20/common/ksba-io-support.h
Examining data/gnupg2-2.2.20/common/utf8conv.c
Examining data/gnupg2-2.2.20/common/openpgpdefs.h
Examining data/gnupg2-2.2.20/common/t-b64.c
Examining data/gnupg2-2.2.20/common/zb32.h
Examining data/gnupg2-2.2.20/common/percent.c
Examining data/gnupg2-2.2.20/common/signal.c
Examining data/gnupg2-2.2.20/common/utf8conv.h
Examining data/gnupg2-2.2.20/common/asshelp.c
Examining data/gnupg2-2.2.20/common/exectool.c
Examining data/gnupg2-2.2.20/common/t-support.h
Examining data/gnupg2-2.2.20/common/t-iobuf.c
Examining data/gnupg2-2.2.20/common/tlv.h
Examining data/gnupg2-2.2.20/common/sysutils.c
Examining data/gnupg2-2.2.20/common/audit.c
Examining data/gnupg2-2.2.20/common/t-w32-reg.c
Examining data/gnupg2-2.2.20/common/ccparray.c
Examining data/gnupg2-2.2.20/common/asshelp.h
Examining data/gnupg2-2.2.20/common/t-convert.c
Examining data/gnupg2-2.2.20/common/compliance.h
Examining data/gnupg2-2.2.20/common/zb32.c
Examining data/gnupg2-2.2.20/common/t-recsel.c

FINAL RESULTS:

data/gnupg2-2.2.20/common/sysutils.c:818:10:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  return chmod (name, modestr_to_mode (modestr));
data/gnupg2-2.2.20/g10/keyring.c:1374:40:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    if (!stat (bakfname, &statbuf) && !chmod (fname, statbuf.st_mode))
data/gnupg2-2.2.20/tools/gpgtar-create.c:629:15:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
      nread = readlink (hdr->name, raw->linkname, sizeof raw->linkname -1);
data/gnupg2-2.2.20/agent/cache.c:391:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (r->key, key);
data/gnupg2-2.2.20/agent/call-pinentry.c:1099:11:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
          snprintf (line, DIM(line), L_("SETERROR %s (try %d of %d)"),
data/gnupg2-2.2.20/agent/command-ssh.c:1098:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (cf->fp,
data/gnupg2-2.2.20/agent/command-ssh.c:1206:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (r_hexgrip, cf->item.hexgrip);
data/gnupg2-2.2.20/agent/command.c:2578:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf (keydata+keydatalen-1, 30, KEYTOCARD_TIMESTAMP_FORMAT, timestamp);
data/gnupg2-2.2.20/agent/command.c:2711:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (vl->d, key);
data/gnupg2-2.2.20/agent/cvt-openpgp.c:958:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (pi->pin, cache_value);
data/gnupg2-2.2.20/agent/cvt-openpgp.c:967:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (pi->pin, passphrase);
data/gnupg2-2.2.20/agent/findkey.c:158:18:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!force && !access (fname, F_OK))
data/gnupg2-2.2.20/agent/findkey.c:1085:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r_algoname, algoname);
data/gnupg2-2.2.20/agent/findkey.c:1091:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r_elems, elems);
data/gnupg2-2.2.20/agent/findkey.c:1362:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  result = !access (fname, R_OK)? 0 : -1;
data/gnupg2-2.2.20/agent/gpg-agent.c:501:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (result, libname), " "), s);
data/gnupg2-2.2.20/agent/gpg-agent.c:1715:15:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
              execvp (argv[0], argv);
data/gnupg2-2.2.20/agent/learncard.c:148:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (item->hexgrip, line);
data/gnupg2-2.2.20/agent/learncard.c:218:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (item->id, p);
data/gnupg2-2.2.20/agent/learncard.c:247:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (item->data, data);
data/gnupg2-2.2.20/agent/trustlist.c:202:21:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
          else if ( access (etcname, F_OK) && errno == ENOENT )
data/gnupg2-2.2.20/agent/trustlist.c:355:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if ( access (fname, F_OK) )
data/gnupg2-2.2.20/agent/trustlist.c:622:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if ( access (fname, W_OK) && errno != ENOENT)
data/gnupg2-2.2.20/agent/trustlist.c:755:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if ( access (fname, F_OK) && errno == ENOENT)
data/gnupg2-2.2.20/build-aux/speedo/w32/exdll.h:146:5:  [4] (buffer) lstrcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
    lstrcpy(g_variables + varnum*g_stringsize, var);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:826:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf (buf, "%s=%s\r\n", keys[i], values[i]);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1046:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (path_new, path);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1048:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat (path_new, dir);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1150:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat (path_new, comp);
data/gnupg2-2.2.20/common/argparse.c:110:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, arg_ptr);
data/gnupg2-2.2.20/common/argparse.c:121:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, arg_ptr);
data/gnupg2-2.2.20/common/argparse.c:512:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (item->name, name);
data/gnupg2-2.2.20/common/audit.c:655:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (stpcpy (stpcpy (result+1, p),"/"), issuer);
data/gnupg2-2.2.20/common/audit.c:685:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (result+1, subject);
data/gnupg2-2.2.20/common/dotlock.c:377:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_info_0(a)       fprintf (stderr, (a))
data/gnupg2-2.2.20/common/dotlock.c:378:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_info_1(a,b)     fprintf (stderr, (a), (b))
data/gnupg2-2.2.20/common/dotlock.c:379:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_info_2(a,b,c)   fprintf (stderr, (a), (b), (c))
data/gnupg2-2.2.20/common/dotlock.c:380:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_info_3(a,b,c,d) fprintf (stderr, (a), (b), (c), (d))
data/gnupg2-2.2.20/common/dotlock.c:381:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_error_0(a)      fprintf (stderr, (a))
data/gnupg2-2.2.20/common/dotlock.c:382:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_error_1(a,b)    fprintf (stderr, (a), (b))
data/gnupg2-2.2.20/common/dotlock.c:383:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_error_2(a,b,c)  fprintf (stderr, (a), (b), (c))
data/gnupg2-2.2.20/common/dotlock.c:384:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_debug_1(a,b)    fprintf (stderr, (a), (b))
data/gnupg2-2.2.20/common/dotlock.c:385:34:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define my_fatal_0(a)      do { fprintf (stderr,(a)); fflush (stderr); \
data/gnupg2-2.2.20/common/dotlock.c:620:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (lname, tname);
data/gnupg2-2.2.20/common/dotlock.c:759:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (h->lockname, file_to_lock), EXTSEP_S "lock");
data/gnupg2-2.2.20/common/dotlock.c:805:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy(h->lockname, file_to_lock), EXTSEP_S "lock");
data/gnupg2-2.2.20/common/exechelp-posix.c:329:3:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  execv (pgmname, arg_list);
data/gnupg2-2.2.20/common/exechelp-posix.c:844:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (pgmname, X_OK))
data/gnupg2-2.2.20/common/exechelp-w32.c:863:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (pgmname, X_OK))
data/gnupg2-2.2.20/common/homedir.c:196:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (p, newdir+2);
data/gnupg2-2.2.20/common/homedir.c:269:19:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
              if (access (dir, F_OK))
data/gnupg2-2.2.20/common/homedir.c:363:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (fname, F_OK))
data/gnupg2-2.2.20/common/homedir.c:366:12:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (!access (fname, F_OK))
data/gnupg2-2.2.20/common/homedir.c:788:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (stpcpy (name, s1), s2);
data/gnupg2-2.2.20/common/homedir.c:927:23:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                  if (access (tmp, F_OK))
data/gnupg2-2.2.20/common/homedir.c:1005:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
          if (!access (name2, F_OK))
data/gnupg2-2.2.20/common/i18n.c:214:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (mh->lc_messages, lc_messages);
data/gnupg2-2.2.20/common/iobuf.c:395:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (cc->fname, fname);
data/gnupg2-2.2.20/common/iobuf.c:1296:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (fcx->fname, fname);
data/gnupg2-2.2.20/common/logging.c:298:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (addrstr, name+1);
data/gnupg2-2.2.20/common/logging.c:328:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (addrstr, name);
data/gnupg2-2.2.20/common/logging.c:520:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (cookie->name, name? name:"");
data/gnupg2-2.2.20/common/mischelp.c:197:15:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
              strcat(old_zone,zone);
data/gnupg2-2.2.20/common/recsel.c:253:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (se->name, expr);
data/gnupg2-2.2.20/common/session-env.c:245:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (var->value, value);
data/gnupg2-2.2.20/common/simple-pwquery.c:167:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (p, old_lc);
data/gnupg2-2.2.20/common/simple-pwquery.c:189:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (p, old_lc);
data/gnupg2-2.2.20/common/simple-pwquery.c:324:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (default_gpg_agent_info, name);
data/gnupg2-2.2.20/common/stringhelp.c:558:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (stpcpy (p, "/"), name);
data/gnupg2-2.2.20/common/stringhelp.c:560:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (stpcpy (stpcpy (p, home), "/"), name);
data/gnupg2-2.2.20/common/stringhelp.c:1294:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (buffer, string);
data/gnupg2-2.2.20/common/strlist.c:78:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(sl->d, string);
data/gnupg2-2.2.20/common/strlist.c:96:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (sl->d, string);
data/gnupg2-2.2.20/common/strlist.c:148:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(sl->d, string);
data/gnupg2-2.2.20/common/strlist.c:190:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(sl->d, list->d);
data/gnupg2-2.2.20/common/strlist.c:232:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(str,sl->d);
data/gnupg2-2.2.20/common/t-convert.c:392:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (tmpbuf, tests[idx].hex);
data/gnupg2-2.2.20/common/t-exechelp.c:84:3:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  system (buffer);
data/gnupg2-2.2.20/common/t-exectool.c:48:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (pgmname, X_OK))
data/gnupg2-2.2.20/common/t-exectool.c:50:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (alt_pgmname, X_OK))
data/gnupg2-2.2.20/common/t-exectool.c:81:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (pgmname, X_OK))
data/gnupg2-2.2.20/common/t-exectool.c:83:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (alt_pgmname, X_OK))
data/gnupg2-2.2.20/common/t-exectool.c:108:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (argv[0], X_OK))
data/gnupg2-2.2.20/common/t-exectool.c:145:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (argv[0], X_OK))
data/gnupg2-2.2.20/common/t-zb32.c:96:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM": error encoding test %d: %s\n",
data/gnupg2-2.2.20/common/t-zb32.c:140:15:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
              fprintf (stderr, PGM": error reading '[stdin]': %s\n",
data/gnupg2-2.2.20/common/t-zb32.c:158:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM": can't open '%s': %s\n",
data/gnupg2-2.2.20/common/t-zb32.c:165:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM": can't stat '%s': %s\n",
data/gnupg2-2.2.20/common/t-zb32.c:175:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM": error reading '%s': %s\n",
data/gnupg2-2.2.20/common/t-zb32.c:199:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM": decode mode has not yet been implemented\n");
data/gnupg2-2.2.20/common/t-zb32.c:220:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM": error encoding data: %s\n", strerror (errno));
data/gnupg2-2.2.20/common/t-zb32.c:286:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
data/gnupg2-2.2.20/common/t-zb32.c:293:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ": to many arguments given\n");
data/gnupg2-2.2.20/common/ttyio.c:258:24:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    last_prompt_len += vfprintf(ttyfp,fmt,arg_ptr) ;
data/gnupg2-2.2.20/common/ttyio.c:305:22:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  last_prompt_len += vfprintf(ttyfp,fmt,arg_ptr) ;
data/gnupg2-2.2.20/common/ttyio.c:588:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (buf, line);
data/gnupg2-2.2.20/common/ttyio.h:40:42:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                 __attribute__ ((format (printf,1,2)));
data/gnupg2-2.2.20/common/ttyio.h:42:42:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                 __attribute__ ((format (printf,2,3)));
data/gnupg2-2.2.20/common/ttyio.h:44:42:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                 __attribute__ ((format (printf,1,2)));
data/gnupg2-2.2.20/common/utf8conv.c:389:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (buffer, string);
data/gnupg2-2.2.20/common/util.h:90:8:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#undef snprintf
data/gnupg2-2.2.20/common/util.h:91:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf gpgrt_snprintf
data/gnupg2-2.2.20/common/w32-reg.c:212:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (result, tmp);
data/gnupg2-2.2.20/dirmngr/certcache.c:688:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (!access (table[idx].name, F_OK))
data/gnupg2-2.2.20/dirmngr/crlcache.c:1951:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
          strcat (string, p?p:s);
data/gnupg2-2.2.20/dirmngr/crlcache.c:2176:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (entry->dbfile_hash, checksum);
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1076:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access ("/etc/"DIRMNGR_NAME, F_OK)
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:869:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (namebuf, name+1);
data/gnupg2-2.2.20/dirmngr/dns.c:242:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	do { if (DNS_DEBUG > 0) fprintf(stderr, fmt "%.1s", __func__, __LINE__, __VA_ARGS__); } while (0)
data/gnupg2-2.2.20/dirmngr/dns.c:2134:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	if ((n = vsnprintf(dst, lim, fmt, ap)) < 0)
data/gnupg2-2.2.20/dirmngr/dns.c:10397:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr, fmt, ap);
data/gnupg2-2.2.20/dirmngr/domaininfo.c:165:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (di_new->name, domain);
data/gnupg2-2.2.20/dirmngr/http.c:549:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (p, suffix);
data/gnupg2-2.2.20/dirmngr/http.c:593:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (fname, F_OK))
data/gnupg2-2.2.20/dirmngr/http.c:622:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (fname, F_OK))
data/gnupg2-2.2.20/dirmngr/http.c:1282:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy ((*ret_uri)->buffer, uri);
data/gnupg2-2.2.20/dirmngr/http.c:1283:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy ((*ret_uri)->buffer + strlen (uri) + 1, uri);
data/gnupg2-2.2.20/dirmngr/http.c:2407:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (stpcpy (p, hd->headers->value), line);
data/gnupg2-2.2.20/dirmngr/http.c:2441:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (h->name, line);
data/gnupg2-2.2.20/dirmngr/http.c:2448:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (h->value, value);
data/gnupg2-2.2.20/dirmngr/http.c:3722:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (p, origuri->original + origuri->off_path);
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:133:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (hi->name, name);
data/gnupg2-2.2.20/dirmngr/ldap.c:355:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (result->d, pattern);
data/gnupg2-2.2.20/dirmngr/ldap.c:381:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            sprintf (result->d, format, pattern, pattern, pattern);
data/gnupg2-2.2.20/dirmngr/server.c:2108:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (item->uri, uri);
data/gnupg2-2.2.20/dirmngr/t-dns-stuff.c:146:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
data/gnupg2-2.2.20/dirmngr/t-dns-stuff.c:160:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ": none or too many host names given\n");
data/gnupg2-2.2.20/dirmngr/t-dns-stuff.c:267:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM": resolving '%s' failed: %s\n",
data/gnupg2-2.2.20/dirmngr/t-http.c:185:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (result, srcdir);
data/gnupg2-2.2.20/dirmngr/t-http.c:187:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat (result, fname);
data/gnupg2-2.2.20/dirmngr/t-http.c:303:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
data/gnupg2-2.2.20/dirmngr/t-http.c:309:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ": no or too many URLS given\n");
data/gnupg2-2.2.20/dirmngr/workqueue.c:101:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (item->args, args);
data/gnupg2-2.2.20/doc/mkdefsinc.c:92:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (p, string);
data/gnupg2-2.2.20/doc/mkdefsinc.c:116:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": stat failed for '%s': %s\n",
data/gnupg2-2.2.20/doc/mkdefsinc.c:131:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf (stderr, PGM ": taking date from '%s'\n", usedfile);
data/gnupg2-2.2.20/doc/mkdefsinc.c:210:19:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                  fprintf (stderr, PGM ": chdir to '%s' failed: %s\n",
data/gnupg2-2.2.20/doc/mkdefsinc.c:228:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
data/gnupg2-2.2.20/doc/mkdefsinc.c:254:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": bad date '%s'\n", opt_date);
data/gnupg2-2.2.20/doc/mkdefsinc.c:362:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ": error writing to stdout: %s\n", strerror (errno));
data/gnupg2-2.2.20/doc/yat2m.c:122:51:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define ATTR_PRINTF(f, a) __attribute__ ((format(printf,f,a)))
data/gnupg2-2.2.20/doc/yat2m.c:123:64:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define ATTR_NR_PRINTF(f, a) __attribute__ ((noreturn, format(printf,f,a)))
data/gnupg2-2.2.20/doc/yat2m.c:266:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/doc/yat2m.c:285:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/doc/yat2m.c:301:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/doc/yat2m.c:340:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (p, string);
data/gnupg2-2.2.20/doc/yat2m.c:395:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (m->name, name);
data/gnupg2-2.2.20/doc/yat2m.c:418:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (m->name, macroname);
data/gnupg2-2.2.20/doc/yat2m.c:455:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (m->name, nameandvalue);
data/gnupg2-2.2.20/doc/yat2m.c:548:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (cond->name, name);
data/gnupg2-2.2.20/doc/yat2m.c:655:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (lb->line+n1+1, line);
data/gnupg2-2.2.20/doc/yat2m.c:1245:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (macrovalue+macrovalueused, line);
data/gnupg2-2.2.20/doc/yat2m.c:1409:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (incname, opt_include);
data/gnupg2-2.2.20/doc/yat2m.c:1412:19:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                  strcat (incname, p);
data/gnupg2-2.2.20/g10/card-util.c:470:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (serialno, info.serialno);
data/gnupg2-2.2.20/g10/card-util.c:818:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (isoname, surname), "<<"), givenname);
data/gnupg2-2.2.20/g10/exec.c:185:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(p,path);
data/gnupg2-2.2.20/g10/exec.c:254:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(info->tempdir,"%s" DIRSEP_S "gpg-XXXXXX",tmp);
data/gnupg2-2.2.20/g10/exec.c:269:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(info->tempfile_in,"%s" DIRSEP_S "%s",info->tempdir,namein);
data/gnupg2-2.2.20/g10/exec.c:275:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(info->tempfile_out,"%s" DIRSEP_S "%s",info->tempdir,nameout);
data/gnupg2-2.2.20/g10/exec.c:476:8:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	      execlp(program,program,(void *)NULL);
data/gnupg2-2.2.20/g10/exec.c:483:8:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	      execlp(shell,shell,"-c",(*info)->command,(void *)NULL);
data/gnupg2-2.2.20/g10/exec.c:578:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      info->progreturn=system(info->command);
data/gnupg2-2.2.20/g10/free-packet.c:247:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (d->email, s->email);
data/gnupg2-2.2.20/g10/gpg.c:998:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (result, libname), " "), s);
data/gnupg2-2.2.20/g10/gpg.c:2051:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(str,argv[i]);
data/gnupg2-2.2.20/g10/gpg.c:2250:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  while (access (configname, R_OK));
data/gnupg2-2.2.20/g10/gpg.c:2257:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (! access (configname, R_OK))
data/gnupg2-2.2.20/g10/gpg.c:2261:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (! access (p, R_OK))
data/gnupg2-2.2.20/g10/gpg.c:2269:12:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (!access (p, R_OK))
data/gnupg2-2.2.20/g10/gpg.c:3176:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		  strcat(compress_algo_string,pargs.r.ret_str);
data/gnupg2-2.2.20/g10/gpg.c:4025:14:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
        if (!access (p, F_OK))
data/gnupg2-2.2.20/g10/gpg.c:4254:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(sl->d, fname);
data/gnupg2-2.2.20/g10/gpg.c:4270:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(sl->d, fname);
data/gnupg2-2.2.20/g10/gpg.c:4298:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(sl->d, fname);
data/gnupg2-2.2.20/g10/gpgcompose.c:2820:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (pt->name, li.name);
data/gnupg2-2.2.20/g10/gpgv.c:129:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (result, libname), " "), s);
data/gnupg2-2.2.20/g10/helptext.c:45:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (stpcpy (key, "gpg."), keyword);
data/gnupg2-2.2.20/g10/keydb.c:306:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (filename, F_OK))
data/gnupg2-2.2.20/g10/keydb.c:307:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return !access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES);
data/gnupg2-2.2.20/g10/keydb.c:333:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access(filename, F_OK))
data/gnupg2-2.2.20/g10/keydb.c:342:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (filename, F_OK))
data/gnupg2-2.2.20/g10/keydb.c:401:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (filename, F_OK))
data/gnupg2-2.2.20/g10/keydb.c:406:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (bak_fname, F_OK) && !access (tmp_fname, F_OK))
data/gnupg2-2.2.20/g10/keydb.c:406:37:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (bak_fname, F_OK) && !access (tmp_fname, F_OK))
data/gnupg2-2.2.20/g10/keygen.c:234:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (pkt->pkt.user_id->name, s);
data/gnupg2-2.2.20/g10/keygen.c:2716:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (uid->name, string);
data/gnupg2-2.2.20/g10/keygen.c:4153:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( r->u.value, value );
data/gnupg2-2.2.20/g10/keygen.c:4204:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (r->u.value, for_subkey ? "encr" : "sign");
data/gnupg2-2.2.20/g10/keygen.c:4217:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r->u.value, keygrip);
data/gnupg2-2.2.20/g10/keygen.c:4225:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r->u.value, curve);
data/gnupg2-2.2.20/g10/keygen.c:4266:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (r->u.value, uid);
data/gnupg2-2.2.20/g10/keygen.c:4415:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r->u.value, s);
data/gnupg2-2.2.20/g10/keygen.c:4488:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy( r->u.value, card_serialno);
data/gnupg2-2.2.20/g10/keygen.c:4527:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (r->u.value, info.key_attr[1].curve);
data/gnupg2-2.2.20/g10/keygen.c:4566:15:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
              sprintf( r->u.value, "%s%s%s",
data/gnupg2-2.2.20/g10/keygen.c:4576:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (r->u.value, key_from_hexgrip);
data/gnupg2-2.2.20/g10/keygen.c:4603:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (r->u.value, curve);
data/gnupg2-2.2.20/g10/keygen.c:4651:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (r->u.value, curve);
data/gnupg2-2.2.20/g10/keygen.c:4667:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (r->u.value, curve);
data/gnupg2-2.2.20/g10/keygen.c:4682:19:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                  sprintf( r->u.value, "%s%s%s",
data/gnupg2-2.2.20/g10/keygen.c:4772:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (r->u.value, uid);
data/gnupg2-2.2.20/g10/keygen.c:5572:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (para->u.value, serialno);
data/gnupg2-2.2.20/g10/keyid.c:868:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (buffer, fingerprint);
data/gnupg2-2.2.20/g10/keyring.c:208:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (kr->fname, fname);
data/gnupg2-2.2.20/g10/keyring.c:231:31:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  return r? (r->read_only || !access (r->fname, W_OK)) : 0;
data/gnupg2-2.2.20/g10/keyring.c:1616:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access (fname, W_OK))
data/gnupg2-2.2.20/g10/keyserver.c:297:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(keyserver->uri,keyserver->scheme);
data/gnupg2-2.2.20/g10/keyserver.c:299:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(keyserver->uri,uri);
data/gnupg2-2.2.20/g10/keyserver.c:2148:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(keyserver->host,srvlist[i].target);
data/gnupg2-2.2.20/g10/keyserver.c:2158:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat(keyserver->host,port);
data/gnupg2-2.2.20/g10/keyserver.c:2172:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(keyserver->host,domain);
data/gnupg2-2.2.20/g10/mainproc.c:1619:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy (pka->email, nd->value);
data/gnupg2-2.2.20/g10/migrate.c:53:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (secring, F_OK))
data/gnupg2-2.2.20/g10/migrate.c:56:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (flagfile, F_OK))
data/gnupg2-2.2.20/g10/misc.c:916:27:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                          strcpy (ret+idx, tmp);
data/gnupg2-2.2.20/g10/misc.c:1015:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(&ret[idx],str);
data/gnupg2-2.2.20/g10/misc.c:1533:12:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return access(file,mode);
data/gnupg2-2.2.20/g10/misc.c:1544:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy(buffer,item);
data/gnupg2-2.2.20/g10/misc.c:1546:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  strcat(buffer,file);
data/gnupg2-2.2.20/g10/misc.c:1547:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	  ret=access(buffer,mode);
data/gnupg2-2.2.20/g10/openfile.c:67:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if ( access( fname, F_OK ) )
data/gnupg2-2.2.20/g10/openfile.c:242:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (buf, iname);
data/gnupg2-2.2.20/g10/openfile.c:246:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (dot, newsfx);
data/gnupg2-2.2.20/g10/openfile.c:248:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (dot, newsfx+1);
data/gnupg2-2.2.20/g10/openfile.c:250:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat (buf, newsfx);
data/gnupg2-2.2.20/g10/openfile.c:327:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (fname, R_OK ))
data/gnupg2-2.2.20/g10/passphrase.c:132:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (next_pw, s );
data/gnupg2-2.2.20/g10/passphrase.c:159:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (fd_passwd, pass);
data/gnupg2-2.2.20/g10/passphrase.c:371:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy ( pw, fd_passwd );
data/gnupg2-2.2.20/g10/photoid.c:355:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(name,"%08lX" EXTSEP_S "%s",(ulong)kid[1],
data/gnupg2-2.2.20/g10/photoid.c:358:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(name,"%08lX%08lX" EXTSEP_S "%s",(ulong)kid[0],(ulong)kid[1],
data/gnupg2-2.2.20/g10/revoke.c:862:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(stpcpy(stpcpy( p, description),"\n"),answer);
data/gnupg2-2.2.20/g10/sig-check.c:278:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (buffer, "%s %s %lu",
data/gnupg2-2.2.20/g10/tdbio.c:714:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, F_OK))
data/gnupg2-2.2.20/g10/tdbio.c:717:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (fname, F_OK))
data/gnupg2-2.2.20/g10/tdbio.c:724:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, R_OK) || stat (fname, &statbuf) || statbuf.st_size == 0)
data/gnupg2-2.2.20/g10/test.c:162:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (result, srcdir);
data/gnupg2-2.2.20/g10/test.c:164:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat (result, fname);
data/gnupg2-2.2.20/g10/tofu.c:1248:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stats->fingerprint, fingerprint);
data/gnupg2-2.2.20/g10/verify.c:134:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p, "%d %s", what, name );
data/gnupg2-2.2.20/g13/backend.c:119:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (fname, F_OK))
data/gnupg2-2.2.20/g13/g13-syshelp.c:591:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, F_OK))
data/gnupg2-2.2.20/g13/g13-syshelp.c:711:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (ti->blockdev, *words[1]=='/'? words[1] : words[1]+9);
data/gnupg2-2.2.20/g13/mount.c:79:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (filename, R_OK))
data/gnupg2-2.2.20/g13/suspend.c:48:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (filename, R_OK))
data/gnupg2-2.2.20/g13/suspend.c:83:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (filename, R_OK))
data/gnupg2-2.2.20/g13/t-g13tuple.c:87:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ":%s: get_membuf failed: %s\n",
data/gnupg2-2.2.20/g13/t-g13tuple.c:94:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ":%s: create_tupledesc failed: %s\n",
data/gnupg2-2.2.20/g13/t-g13tuple.c:102:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ":%s: get_membuf failed: %s\n",
data/gnupg2-2.2.20/g13/t-g13tuple.c:109:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf (stderr, PGM ":%s: create_tupledesc failed: %s\n",
data/gnupg2-2.2.20/g13/t-g13tuple.c:119:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong error returned; "
data/gnupg2-2.2.20/g13/t-g13tuple.c:127:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong value returned; "
data/gnupg2-2.2.20/g13/t-g13tuple.c:138:15:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
              fprintf (stderr, PGM ":%s:tidx=%d: find_tuple failed: %s\n",
data/gnupg2-2.2.20/g13/t-g13tuple.c:145:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong error returned (2); "
data/gnupg2-2.2.20/g13/t-g13tuple.c:153:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong value returned (2); "
data/gnupg2-2.2.20/g13/t-g13tuple.c:164:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong string length returned; "
data/gnupg2-2.2.20/g13/t-g13tuple.c:171:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ":%s:tidx=%d: wrong string returned:",
data/gnupg2-2.2.20/g13/t-g13tuple.c:215:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
          fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
data/gnupg2-2.2.20/kbx/keybox-init.c:57:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (kr->fname, fname);
data/gnupg2-2.2.20/kbx/keybox-init.c:83:14:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  return r? !access (r->fname, W_OK) : 0;
data/gnupg2-2.2.20/kbx/keybox-update.c:173:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, W_OK))
data/gnupg2-2.2.20/kbx/keybox-update.c:654:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, W_OK))
data/gnupg2-2.2.20/kbx/keybox-util.c:69:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (bak_name, filename);
data/gnupg2-2.2.20/kbx/keybox-util.c:70:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (bak_name + strlen (filename) - (repl?4:0), b_ext);
data/gnupg2-2.2.20/kbx/keybox-util.c:79:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (tmp_name, filename);
data/gnupg2-2.2.20/kbx/keybox-util.c:80:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (tmp_name + strlen (filename) - (repl?4:0), t_ext);
data/gnupg2-2.2.20/kbx/keybox-util.c:96:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (tmp_name,filename), EXTSEP_S "tmp");
data/gnupg2-2.2.20/scd/app-openpgp.c:1751:12:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      fp = popen (command, "r");
data/gnupg2-2.2.20/scd/app-openpgp.c:2838:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (buffer, resetcode);
data/gnupg2-2.2.20/scd/app-openpgp.c:2842:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (buffer+pinlen0, pinvalue);
data/gnupg2-2.2.20/scd/ccid-driver.c:158:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, DRVNAME t); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:160:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, DRVNAME t, (a)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:162:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, DRVNAME t, (a), (b)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:164:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, DRVNAME t, (a), (b), (c)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:166:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, DRVNAME t, (a), (b), (c), (d));} while(0)
data/gnupg2-2.2.20/scd/ccid-driver.c:168:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, t); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:170:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, t, (a)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:172:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, t, (a), (b)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:174:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                     fprintf (stderr, t, (a), (b), (c)); } while (0)
data/gnupg2-2.2.20/scd/ccid-driver.c:1002:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (result, prefix);
data/gnupg2-2.2.20/scd/ccid-driver.c:1016:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (result+n, suffix);
data/gnupg2-2.2.20/scd/ccid-driver.c:1039:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (rid, prefix);
data/gnupg2-2.2.20/scd/ccid-driver.c:1147:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat (p, *rid_list);
data/gnupg2-2.2.20/scd/ccid-driver.c:1150:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat (p, rid);
data/gnupg2-2.2.20/scd/scdaemon.c:280:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (result, libname), " "), s);
data/gnupg2-2.2.20/scd/scdaemon.c:892:15:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
              execvp (argv[0], argv);
data/gnupg2-2.2.20/sm/certchain.c:619:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (pattern, "/"), s);
data/gnupg2-2.2.20/sm/certchain.c:681:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (stpcpy (pattern, "/"), issuer);
data/gnupg2-2.2.20/sm/certchain.c:689:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (stpcpy (pattern, "#/"), issuer);
data/gnupg2-2.2.20/sm/certdump.c:246:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
              strcpy (stpcpy (stpcpy (p+1, p1),"/"), issuer);
data/gnupg2-2.2.20/sm/certdump.c:341:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (p, label_map[i].label);
data/gnupg2-2.2.20/sm/certlist.c:592:35:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                                  strcpy (notbefore, notbefore2);
data/gnupg2-2.2.20/sm/certreqgen.c:373:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (r->u.value, value);
data/gnupg2-2.2.20/sm/certreqgen.c:845:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (buf+1, s);
data/gnupg2-2.2.20/sm/certreqgen.c:1012:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (p, string);
data/gnupg2-2.2.20/sm/certreqgen.c:1149:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (hexbuf+4, string);
data/gnupg2-2.2.20/sm/certreqgen.c:1188:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (hexbuf+2, string);
data/gnupg2-2.2.20/sm/gpgsm.c:543:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (stpcpy (stpcpy (result, libname), " "), s);
data/gnupg2-2.2.20/sm/gpgsm.c:1703:16:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
          if (!access (filelist[0], F_OK))
data/gnupg2-2.2.20/sm/gpgsm.c:2310:3:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  execv (pgm, av);
data/gnupg2-2.2.20/sm/keydb.c:127:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (filename, F_OK))
data/gnupg2-2.2.20/sm/keydb.c:128:13:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return !access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES);
data/gnupg2-2.2.20/sm/keydb.c:154:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access(filename, F_OK))
data/gnupg2-2.2.20/sm/keydb.c:163:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (filename, F_OK))
data/gnupg2-2.2.20/sm/keydb.c:200:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access(filename, F_OK))
data/gnupg2-2.2.20/sm/qualified.c:178:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (country, mycountry);
data/gnupg2-2.2.20/tests/asschk.c:113:52:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define ATTR_PRINTF(f,a)  __attribute__ ((format (printf,f,a)))
data/gnupg2-2.2.20/tests/asschk.c:195:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tests/asschk.c:216:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tests/asschk.c:243:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (p, s);
data/gnupg2-2.2.20/tests/asschk.c:388:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (buffer, line);
data/gnupg2-2.2.20/tests/asschk.c:454:7:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      execl (pgmname, arg0, "--server", NULL);
data/gnupg2-2.2.20/tests/asschk.c:512:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (var->name, name);
data/gnupg2-2.2.20/tests/asschk.c:537:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (var->value, value);
data/gnupg2-2.2.20/tests/asschk.c:645:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (dst + n, pend);
data/gnupg2-2.2.20/tests/gpgscm/ffi-private.h:59:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf (ffi_error_message, sizeof ffi_error_message,		\
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1287:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  size = vsnprintf (NULL, 0, format, listp);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1295:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  written = vsnprintf (expression, size + 1, format, listp);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1313:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  size = vsnprintf (NULL, 0, format, listp);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1321:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  written = vsnprintf (expression, size + 1, format, listp);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:25:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:25:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:5958:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(banner);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:5980:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if(access(file_name,0)!=0) {
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:41:7:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      vfprintf (log_stream, fmt, ap);
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:45:12:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  result = vprintf (fmt, ap);
data/gnupg2-2.2.20/tools/ccidmon.c:120:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/ccidmon.c:140:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/ccidmon.c:607:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (databuffer.address, address);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:373:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (var->name, name);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:728:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (dst + n, pend);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:777:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (stpcpy (buffer, "get "), p);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:828:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (d->file, p);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1489:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy (ll->line, line);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1957:16:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
          fp = popen (d->file, "r");
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1180:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (dname, W_OK))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1457:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (fnewname, W_OK))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1830:15:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
          if (access (fname, W_OK))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1860:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (access (fname, F_OK))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1947:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (access (fname, R_OK))
data/gnupg2-2.2.20/tools/gpgconf-comp.c:76:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  __attribute__ ((format (printf, 3, 4)));
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1662:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (eitem->buffer, p);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1679:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (eitem->buffer, p);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:2118:25:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (only_installed && access (pgmname, X_OK))
data/gnupg2-2.2.20/tools/gpgconf-comp.c:4058:12:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if (!access (fname_buffer, F_OK))
data/gnupg2-2.2.20/tools/gpgparsemail.c:94:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/gpgparsemail.c:112:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/gpgparsemail.c:225:9:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        execlp ("gpgsm", "gpgsm",
data/gnupg2-2.2.20/tools/gpgparsemail.c:234:9:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        execlp ("gpg", "gpg",
data/gnupg2-2.2.20/tools/gpgparsemail.c:519:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                  strcpy (stpcpy (stpcpy (buf, s1), "/"), s2);
data/gnupg2-2.2.20/tools/gpgsplit.c:212:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (name, "%s%06u-%03d" EXTSEP_S "%.40s",
data/gnupg2-2.2.20/tools/gpgtar-create.c:240:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (p, entryname);
data/gnupg2-2.2.20/tools/gpgtar-create.c:298:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (fname, dname);
data/gnupg2-2.2.20/tools/no-libgcrypt.c:60:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (p, string);
data/gnupg2-2.2.20/tools/no-libgcrypt.c:104:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy( p, string );
data/gnupg2-2.2.20/tools/rfc822parse.c:429:23:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                      strcpy (msg->current_part->boundary, s);
data/gnupg2-2.2.20/tools/symcryptrun.c:272:4:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	  execv (SHRED, args);
data/gnupg2-2.2.20/tools/symcryptrun.c:593:7:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      execv (opt.program, args);
data/gnupg2-2.2.20/tools/symcryptrun.c:818:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (infile, tmpdir);
data/gnupg2-2.2.20/tools/symcryptrun.c:831:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (outfile, tmpdir);
data/gnupg2-2.2.20/tools/watchgnupg.c:69:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/watchgnupg.c:86:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, format, arg_ptr);
data/gnupg2-2.2.20/tools/wks-util.c:111:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (sl->uid, uid);
data/gnupg2-2.2.20/tools/wks-util.c:893:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (!access (fname, F_OK))
data/gnupg2-2.2.20/agent/command.c:2993:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
          const char *s = getenv (line);
data/gnupg2-2.2.20/agent/gpg-agent.c:654:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  envvar = getenv ("LISTEN_PID");
data/gnupg2-2.2.20/agent/gpg-agent.c:665:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  envvar = getenv ("LISTEN_FDNAMES");
data/gnupg2-2.2.20/agent/gpg-agent.c:685:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  envvar = getenv ("LISTEN_FDS");
data/gnupg2-2.2.20/agent/gpg-agent.c:1069:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  shell = getenv ("SHELL");
data/gnupg2-2.2.20/agent/gpg-agent.c:1086:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        s = getenv (names[idx]);
data/gnupg2-2.2.20/agent/gpg-agent.c:1101:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    opt.startup_lc_ctype = getenv ("LC_CTYPE");
data/gnupg2-2.2.20/agent/gpg-agent.c:1104:31:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    opt.startup_lc_messages = getenv ("LC_MESSAGES");
data/gnupg2-2.2.20/agent/gpg-agent.c:1487:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!default_ttytype && getenv ("TERM"))
data/gnupg2-2.2.20/agent/gpg-agent.c:1488:32:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    default_ttytype = xstrdup (getenv ("TERM"));
data/gnupg2-2.2.20/common/asshelp.c:112:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  flagstr = getenv ("ASSUAN_DEBUG");
data/gnupg2-2.2.20/common/audit.c:1180:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if ((s = getenv ("gnupg_debug_audit")))
data/gnupg2-2.2.20/common/common-defs.h:36:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
#define getenv(a)  (NULL)
data/gnupg2-2.2.20/common/dynload.h:48:15:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
  hd = wname? LoadLibrary (wname) : NULL;
data/gnupg2-2.2.20/common/dynload.h:51:8:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
  hd = LoadLibrary (name);
data/gnupg2-2.2.20/common/homedir.c:296:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dir = getenv ("GNUPGHOME");
data/gnupg2-2.2.20/common/homedir.c:1057:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  gnupg_build_directory = getenv ("GNUPG_BUILDDIR");
data/gnupg2-2.2.20/common/localename.c:84:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  retval = getenv ("LC_ALL");
data/gnupg2-2.2.20/common/localename.c:88:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      retval = getenv (categoryname);
data/gnupg2-2.2.20/common/localename.c:92:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	  retval = getenv ("LANG");
data/gnupg2-2.2.20/common/mischelp.c:183:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  zone=getenv("TZ");
data/gnupg2-2.2.20/common/session-env.c:344:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  defvalue = getenv (name);
data/gnupg2-2.2.20/common/simple-pwquery.c:130:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dft_display = getenv ("DISPLAY");
data/gnupg2-2.2.20/common/simple-pwquery.c:137:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dft_ttyname = getenv ("GPG_TTY");
data/gnupg2-2.2.20/common/simple-pwquery.c:148:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dft_ttytype = getenv ("TERM");
data/gnupg2-2.2.20/common/simple-pwquery.c:207:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dft_xauthority = getenv ("XAUTHORITY");
data/gnupg2-2.2.20/common/simple-pwquery.c:216:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  dft_pinentry_user_data = getenv ("PINENTRY_USER_DATA");
data/gnupg2-2.2.20/common/stringhelp.c:446:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
          home = getenv("HOME");
data/gnupg2-2.2.20/common/sysutils.c:939:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (! getenv (name) || overwrite)
data/gnupg2-2.2.20/common/t-stringhelp.c:57:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      char *home = getenv("HOME");
data/gnupg2-2.2.20/common/t-support.h:45:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
# define getenv(a)  (NULL)
data/gnupg2-2.2.20/common/utf8conv.c:215:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      lc = getenv ("LC_ALL");
data/gnupg2-2.2.20/common/utf8conv.c:218:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
          lc = getenv ("LC_CTYPE");
data/gnupg2-2.2.20/common/utf8conv.c:220:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
            lc = getenv ("LANG");
data/gnupg2-2.2.20/common/util.h:358:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
#define getenv(a)  _gnupg_getenv ((a))
data/gnupg2-2.2.20/dirmngr/certcache.c:567:18:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
      hCrypt32 = LoadLibrary ("Crypt32.dll");
data/gnupg2-2.2.20/dirmngr/dirmngr.c:892:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  shell = getenv ("SHELL");
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:287:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
          myopt->pass = getenv ("DIRMNGR_LDAP_PASS");
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:604:38:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                                     getenv ("SystemRoot"));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2169:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand (time (NULL)*getpid());
data/gnupg2-2.2.20/dirmngr/dns.c:442:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define DNS_RANDOM	random
data/gnupg2-2.2.20/dirmngr/dns.c:11425:21:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while (-1 != (ch = getopt(argc, argv, "q:t:c:n:l:z:s:S:P:A:f:vVh"))) {
data/gnupg2-2.2.20/dirmngr/http.c:1834:30:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
            && (http_proxy = getenv (HTTP_PROXY_ENV))
data/gnupg2-2.2.20/dirmngr/server.c:2692:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
          const char *s = getenv (line);
data/gnupg2-2.2.20/dirmngr/t-http.c:181:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!srcdir && !(srcdir = getenv ("srcdir")))
data/gnupg2-2.2.20/doc/yat2m.c:1623:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!opt_date && (s = getenv ("SOURCE_DATE_EPOCH")) && *s)
data/gnupg2-2.2.20/g10/exec.c:156:12:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
      if (!CreateProcess (NULL, string, NULL, NULL, FALSE,
data/gnupg2-2.2.20/g10/exec.c:235:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      tmp=getenv("TMPDIR");
data/gnupg2-2.2.20/g10/exec.c:238:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	  tmp=getenv("TMP");
data/gnupg2-2.2.20/g10/exec.c:445:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	  char *shell=getenv("SHELL");
data/gnupg2-2.2.20/g10/gpg.c:1283:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  str=getenv("COLUMNS");
data/gnupg2-2.2.20/g10/gpg.c:1287:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  str=getenv("LINES");
data/gnupg2-2.2.20/g10/misc.c:1522:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  envpath=getenv("PATH");
data/gnupg2-2.2.20/g10/test.c:158:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!srcdir && !(srcdir = getenv ("abs_top_srcdir")))
data/gnupg2-2.2.20/g10/test.c:184:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  s = getenv ("verbose");
data/gnupg2-2.2.20/g13/g13-syshelp.c:482:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    uidstr = getenv ("USERV_UID");
data/gnupg2-2.2.20/scd/scdaemon.c:487:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  shell = getenv ("SHELL");
data/gnupg2-2.2.20/sm/misc.c:56:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  else if (!(lc=getenv ("GPG_TTY")) || !*lc)
data/gnupg2-2.2.20/tests/asschk.c:913:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  s = *arg? getenv (arg):"";
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:240:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  value = getenv (name);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:550:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand (seed);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:561:7:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  v = random ();
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1368:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  ffi_define_function (sc, getenv);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1388:28:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  ffi_define_function (sc, srandom);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1389:28:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  ffi_define_function (sc, random);
data/gnupg2-2.2.20/tests/gpgscm/main.c:269:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv ("GPGSCM_PATH"))
data/gnupg2-2.2.20/tests/gpgscm/main.c:270:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    scmpath = getenv ("GPGSCM_PATH");
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:5981:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *p=getenv("TINYSCHEMEINIT");
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:215:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  args = getenv ("PINENTRY_USER_DATA");
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:408:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!var && (s = getenv (name)))
data/gnupg2-2.2.20/tools/make-dns-cert.c:203:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while((arg=getopt(argc,argv,"hf:u:k:n:"))!=-1)
data/gnupg2-2.2.20/tools/sockprox.c:481:11:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
      c = getopt_long (argc, argv, "hvp:s:l:",
data/gnupg2-2.2.20/tools/symcryptrun.c:320:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  p = getenv ("TMPDIR");
data/gnupg2-2.2.20/agent/agent.h:244:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char value[MAX_DIGEST_LEN];
data/gnupg2-2.2.20/agent/agent.h:248:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char keygrip[20];
data/gnupg2-2.2.20/agent/agent.h:293:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pin[1];         /* The buffer to hold the PIN or passphrase.
data/gnupg2-2.2.20/agent/cache.c:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[1];  /* A string.  */
data/gnupg2-2.2.20/agent/cache.c:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[1];
data/gnupg2-2.2.20/agent/cache.c:168:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (d->data, string, length);
data/gnupg2-2.2.20/agent/call-pinentry.c:269:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pidbuf[50];
data/gnupg2-2.2.20/agent/call-pinentry.c:295:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[5];
data/gnupg2-2.2.20/agent/call-pinentry.c:745:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (parm->buffer, buffer, length);
data/gnupg2-2.2.20/agent/call-pinentry.c:829:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[20];
data/gnupg2-2.2.20/agent/call-pinentry.c:861:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:969:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:993:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(&pininfo->pin, passphrase, size);
data/gnupg2-2.2.20/agent/call-pinentry.c:1207:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:1334:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:1412:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:1480:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-pinentry.c:1589:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:205:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[5];
data/gnupg2-2.2.20/agent/call-scd.c:389:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (socket_name, databuf, datalen);
data/gnupg2-2.2.20/agent/call-scd.c:403:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[100];
data/gnupg2-2.2.20/agent/call-scd.c:681:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*serialno, line, n);
data/gnupg2-2.2.20/agent/call-scd.c:695:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:702:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (line, "SERIALNO");
data/gnupg2-2.2.20/agent/call-scd.c:829:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:891:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      *r_padding = atoi (s);
data/gnupg2-2.2.20/agent/call-scd.c:914:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:934:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%02X", indata[len]);
data/gnupg2-2.2.20/agent/call-scd.c:977:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:1012:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:1068:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:1137:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:1219:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/agent/call-scd.c:1224:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (line, "GETINFO card_list");
data/gnupg2-2.2.20/agent/call-scd.c:1250:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyword[200];
data/gnupg2-2.2.20/agent/command-ssh.c:226:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hexgrip[40+1];  /* The hexgrip of the item (uppercase).  */
data/gnupg2-2.2.20/agent/command-ssh.c:469:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[4];
data/gnupg2-2.2.20/agent/command-ssh.c:498:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[4];
data/gnupg2-2.2.20/agent/command-ssh.c:542:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[128];
data/gnupg2-2.2.20/agent/command-ssh.c:800:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUFSIZ];
data/gnupg2-2.2.20/agent/command-ssh.c:855:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  cf->fp = fopen (cf->fname, append? "a+":"r");
data/gnupg2-2.2.20/agent/command-ssh.c:868:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      cf->fp = fopen (cf->fname, append? "a+":"r");
data/gnupg2-2.2.20/agent/command-ssh.c:923:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, *pend, line[256];
data/gnupg2-2.2.20/agent/command-ssh.c:1228:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char uphexgrip[41];
data/gnupg2-2.2.20/agent/command-ssh.c:1461:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[SSH_DSA_SIGNATURE_PADDING * SSH_DSA_SIGNATURE_ELEMS];
data/gnupg2-2.2.20/agent/command-ssh.c:1523:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (buffer + (i * SSH_DSA_SIGNATURE_PADDING)
data/gnupg2-2.2.20/agent/command-ssh.c:1557:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *data[2] = {NULL, NULL};
data/gnupg2-2.2.20/agent/command-ssh.c:1645:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *data[2] = {NULL, NULL};
data/gnupg2-2.2.20/agent/command-ssh.c:2415:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command-ssh.c:2638:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char grip[20];
data/gnupg2-2.2.20/agent/command-ssh.c:2730:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+1];
data/gnupg2-2.2.20/agent/command-ssh.c:2828:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hash[MAX_DIGEST_LEN];
data/gnupg2-2.2.20/agent/command-ssh.c:2830:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key_grip[20];
data/gnupg2-2.2.20/agent/command-ssh.c:2904:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ctrl->keygrip, key_grip, 20);
data/gnupg2-2.2.20/agent/command-ssh.c:2922:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ctrl->digest.value, hash, hash_n);
data/gnupg2-2.2.20/agent/command-ssh.c:3053:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key_grip_raw[20];
data/gnupg2-2.2.20/agent/command-ssh.c:3054:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key_grip[41];
data/gnupg2-2.2.20/agent/command-ssh.c:3176:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key_grip[21] = { 0 };
data/gnupg2-2.2.20/agent/command-ssh.c:3826:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (request+4, response_data, response_size);
data/gnupg2-2.2.20/agent/command.c:123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char d[1];   /* Key | Nul | value.  */
data/gnupg2-2.2.20/agent/command.c:336:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[256];
data/gnupg2-2.2.20/agent/command.c:468:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr[41];
data/gnupg2-2.2.20/agent/command.c:478:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (fpr, "00000000");
data/gnupg2-2.2.20/agent/command.c:524:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr[41];
data/gnupg2-2.2.20/agent/command.c:538:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (fpr, "00000000");
data/gnupg2-2.2.20/agent/command.c:569:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[20];
data/gnupg2-2.2.20/agent/command.c:970:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:1106:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+1];
data/gnupg2-2.2.20/agent/command.c:1117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ttlbuf[20];
data/gnupg2-2.2.20/agent/command.c:1118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char flagsbuf[5];
data/gnupg2-2.2.20/agent/command.c:1241:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:1246:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[41];
data/gnupg2-2.2.20/agent/command.c:1454:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	opt_repeat = atoi (p);
data/gnupg2-2.2.20/agent/command.c:1717:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:1787:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[12];
data/gnupg2-2.2.20/agent/command.c:1817:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[12];
data/gnupg2-2.2.20/agent/command.c:1837:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  char buf[12];
data/gnupg2-2.2.20/agent/command.c:1854:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char hexgrip[40+1];
data/gnupg2-2.2.20/agent/command.c:2080:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:2191:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[12];
data/gnupg2-2.2.20/agent/command.c:2268:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:2353:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[12];
data/gnupg2-2.2.20/agent/command.c:2437:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:2484:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/command.c:2712:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (vl->d + vl->off, value, valuelen);
data/gnupg2-2.2.20/agent/command.c:2897:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/agent/command.c:2913:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/agent/command.c:3002:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[20];
data/gnupg2-2.2.20/agent/command.c:3012:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[5];
data/gnupg2-2.2.20/agent/command.c:3017:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          && atoi (fields[4]) > 0)
data/gnupg2-2.2.20/agent/command.c:3028:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/agent/command.c:3035:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/agent/command.c:3116:59:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    ctrl->server_local->use_cache_for_signing = *value? !!atoi (value) : 0;
data/gnupg2-2.2.20/agent/command.c:3131:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      ctrl->cache_ttl_opt_preset = *value? atoi (value) : 0;
data/gnupg2-2.2.20/agent/cvt-openpgp.c:705:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[16];
data/gnupg2-2.2.20/agent/cvt-openpgp.c:763:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (iv, value, valuelen);
data/gnupg2-2.2.20/agent/cvt-openpgp.c:781:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (s2k_salt, value, valuelen);
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1050:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1101:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *bufarr[10];
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1140:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, bufarr[i], narr[i]);
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1326:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char protect_iv[16];
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1327:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char salt[8];
data/gnupg2-2.2.20/agent/cvt-openpgp.c:1356:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char countbuf[35];
data/gnupg2-2.2.20/agent/divert-scd.c:151:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char asn[100];
data/gnupg2-2.2.20/agent/divert-scd.c:169:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (frame, asn, asnlen);
data/gnupg2-2.2.20/agent/divert-scd.c:170:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (frame+asnlen, digest, digestlen);
data/gnupg2-2.2.20/agent/findkey.c:147:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/findkey.c:150:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexgrip+40, ".key");
data/gnupg2-2.2.20/agent/findkey.c:392:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (out, comment, comment_length);
data/gnupg2-2.2.20/agent/findkey.c:405:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (out, comment, comment_length);
data/gnupg2-2.2.20/agent/findkey.c:502:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+1];
data/gnupg2-2.2.20/agent/findkey.c:710:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/findkey.c:716:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexgrip+40, ".key");
data/gnupg2-2.2.20/agent/findkey.c:830:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/findkey.c:833:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexgrip+40, ".key");
data/gnupg2-2.2.20/agent/findkey.c:962:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*shadow_info, s, n);
data/gnupg2-2.2.20/agent/findkey.c:1138:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char algoname[6];
data/gnupg2-2.2.20/agent/findkey.c:1171:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char algoname[6];
data/gnupg2-2.2.20/agent/findkey.c:1355:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/findkey.c:1358:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexgrip+40, ".key");
data/gnupg2-2.2.20/agent/findkey.c:1431:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy (*r_shadow_info, s, n);
data/gnupg2-2.2.20/agent/findkey.c:1472:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/genkey.c:41:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/genkey.c:100:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[10];
data/gnupg2-2.2.20/agent/genkey.c:525:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char tmpbuf[12];
data/gnupg2-2.2.20/agent/genkey.c:536:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  unsigned char grip[20];
data/gnupg2-2.2.20/agent/genkey.c:537:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char hexgrip[40+1];
data/gnupg2-2.2.20/agent/gpg-agent.c:555:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (debug_level) : 0;
data/gnupg2-2.2.20/agent/gpg-agent.c:687:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    fd_count = atoi (envvar);
data/gnupg2-2.2.20/agent/gpg-agent.c:1157:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/agent/gpg-agent.c:1768:27:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                       && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
data/gnupg2-2.2.20/agent/gpg-agent.c:2047:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (config_filename, "r");
data/gnupg2-2.2.20/agent/learncard.c:40:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[1];   /* The keygrip (i.e. a hash over the public key
data/gnupg2-2.2.20/agent/learncard.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char id[1];
data/gnupg2-2.2.20/agent/learncard.c:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyword[1];
data/gnupg2-2.2.20/agent/learncard.c:243:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (item->keyword, keyword, keywordlen);
data/gnupg2-2.2.20/agent/learncard.c:311:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/pksign.c:45:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[16+1];
data/gnupg2-2.2.20/agent/pksign.c:257:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (frame+n, md, mdlen );
data/gnupg2-2.2.20/agent/pksign.c:410:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (r_buf + 1, buf, len/2);
data/gnupg2-2.2.20/agent/pksign.c:428:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (s_buf + 1, buf + len/2, len/2);
data/gnupg2-2.2.20/agent/preset-passphrase.c:122:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char passphrase[500];
data/gnupg2-2.2.20/agent/protect-tool.c:278:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen (fname, "rb");
data/gnupg2-2.2.20/agent/protect-tool.c:523:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/agent/protect-tool.c:785:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&pininfo->pin, passphrase, size);
data/gnupg2-2.2.20/agent/protect-tool.c:805:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexgrip[40+4+1];
data/gnupg2-2.2.20/agent/protect-tool.c:811:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexgrip+40, ".key");
data/gnupg2-2.2.20/agent/protect.c:160:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keybuf[PROT_CIPHER_KEYLEN];
data/gnupg2-2.2.20/agent/protect.c:373:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hashvalue[20];
data/gnupg2-2.2.20/agent/protect.c:503:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (hashvalue, gcry_md_read (md, GCRY_MD_SHA1), 20);
data/gnupg2-2.2.20/agent/protect.c:515:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, protbegin, protlen);
data/gnupg2-2.2.20/agent/protect.c:524:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, ")(4:hash4:sha120:", 17);
data/gnupg2-2.2.20/agent/protect.c:526:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, hashvalue, 20);
data/gnupg2-2.2.20/agent/protect.c:530:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, iv+blklen, blklen); /* Add padding.  */
data/gnupg2-2.2.20/agent/protect.c:565:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char countbuf[35];
data/gnupg2-2.2.20/agent/protect.c:587:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p+saltpos, s2ksalt, 8);
data/gnupg2-2.2.20/agent/protect.c:588:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p+ivpos, iv, use_ocb? 12 : blklen);
data/gnupg2-2.2.20/agent/protect.c:589:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p+encpos, outbuf, enclen);
data/gnupg2-2.2.20/agent/protect.c:620:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char timestamp_exp[35];
data/gnupg2-2.2.20/agent/protect.c:631:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (timestamp_exp, "(12:protected-at15:", 19);
data/gnupg2-2.2.20/agent/protect.c:753:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, "(21:protected-", 14);
data/gnupg2-2.2.20/agent/protect.c:755:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, plainkey+4, prot_begin - plainkey - 4);
data/gnupg2-2.2.20/agent/protect.c:757:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, protected, protectedlen);
data/gnupg2-2.2.20/agent/protect.c:760:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, timestamp_exp, 35);
data/gnupg2-2.2.20/agent/protect.c:763:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, prot_end+1, real_end - prot_end);
data/gnupg2-2.2.20/agent/protect.c:946:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy ((char*)newlist, "(11:private-key");
data/gnupg2-2.2.20/agent/protect.c:948:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, protectedkey+15+10, replacepos-15-10);
data/gnupg2-2.2.20/agent/protect.c:992:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (sha1hash, s, 20);
data/gnupg2-2.2.20/agent/protect.c:999:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, startpos, endpos - startpos);
data/gnupg2-2.2.20/agent/protect.c:1037:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, startpos, endpos - startpos);
data/gnupg2-2.2.20/agent/protect.c:1084:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char sha1hash[20], sha1hash2[20];
data/gnupg2-2.2.20/agent/protect.c:1149:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (protected_at, s, 15);
data/gnupg2-2.2.20/agent/protect.c:1492:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[20];
data/gnupg2-2.2.20/agent/protect.c:1587:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, pubkey+14, point - (pubkey+14));
data/gnupg2-2.2.20/agent/protect.c:1590:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, shadow_info, shadow_info_len);
data/gnupg2-2.2.20/agent/protect.c:1593:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, point, pubkey_len - (point - pubkey));
data/gnupg2-2.2.20/agent/protect.c:1726:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*r_idstr, s, n);
data/gnupg2-2.2.20/agent/protect.c:1752:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tmpstr, s, n);
data/gnupg2-2.2.20/agent/trustlist.c:49:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];  /* The binary fingerprint. */
data/gnupg2-2.2.20/agent/trustlist.c:140:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[256];
data/gnupg2-2.2.20/agent/trustlist.c:412:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fprbin[20];
data/gnupg2-2.2.20/agent/trustlist.c:492:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[51];
data/gnupg2-2.2.20/build-aux/speedo/w32/exdll.h:48:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[1];          /* This should be the length of string_size. */
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[MAX_PATH];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:217:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sleepstr[30];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:218:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[MAX_PATH];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:280:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:296:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char service_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:297:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char display_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:298:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char program[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:388:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char service_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:458:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char service_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:459:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char argc_str[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:462:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char argv_str[NR_ARGS][ARG_MAX];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:463:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[NR_ARGS + 1];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:478:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      argc = atoi (argc_str);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:520:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char service_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:577:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char buf[1024];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:598:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char service_name[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:722:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  conf = fopen (fname, "r");
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:729:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char line[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:811:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char *keys[MAX_KEYS];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:812:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char *values[MAX_KEYS];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:825:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char buf[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:849:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:876:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[256];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:903:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      || atoi (value) != 0)
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:979:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dir[PATH_LENGTH_LIMIT];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:980:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char is_user_install[2];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1091:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dir[PATH_LENGTH_LIMIT];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1092:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char is_user_install[2];
data/gnupg2-2.2.20/common/argparse.c:275:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];      /* String with the long option name.  */
data/gnupg2-2.2.20/common/argparse.c:458:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[100];
data/gnupg2-2.2.20/common/argparse.c:567:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyword[100];
data/gnupg2-2.2.20/common/argparse.c:835:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(buffer, keyword, i);
data/gnupg2-2.2.20/common/argparse.c:1300:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[2];
data/gnupg2-2.2.20/common/asshelp.c:114:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    log_cats = atoi (flagstr);
data/gnupg2-2.2.20/common/asshelp.c:379:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[6];
data/gnupg2-2.2.20/common/asshelp.c:570:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *argv[4];
data/gnupg2-2.2.20/common/asshelp2.c:88:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[950], *p;
data/gnupg2-2.2.20/common/audit.c:754:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[35];
data/gnupg2-2.2.20/common/audit.c:896:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[35];
data/gnupg2-2.2.20/common/audit.c:986:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[35];
data/gnupg2-2.2.20/common/b64dec.c:33:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const asctobin[128] =
data/gnupg2-2.2.20/common/b64enc.c:39:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char bintoasc[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
data/gnupg2-2.2.20/common/b64enc.c:206:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char radbuf[4];
data/gnupg2-2.2.20/common/b64enc.c:240:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (radbuf, state->radbuf, idx);
data/gnupg2-2.2.20/common/b64enc.c:257:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char tmp[4];
data/gnupg2-2.2.20/common/b64enc.c:288:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (state->radbuf, radbuf, idx);
data/gnupg2-2.2.20/common/b64enc.c:308:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char radbuf[4];
data/gnupg2-2.2.20/common/b64enc.c:310:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[4];
data/gnupg2-2.2.20/common/b64enc.c:322:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (radbuf, state->radbuf, idx);
data/gnupg2-2.2.20/common/call-gpg.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/common/call-gpg.c:183:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char _buffer[4096];
data/gnupg2-2.2.20/common/call-gpg.c:311:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/common/call-gpg.c:423:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/common/compliance.c:498:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[5];
data/gnupg2-2.2.20/common/compliance.c:503:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          && atoi (fields[4]) > 0)
data/gnupg2-2.2.20/common/dotlock.c:514:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer_space[10+1+70+1]; /* 70 is just an estimated value; node
data/gnupg2-2.2.20/common/dotlock.c:533:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (fd = open (h->lockname, O_RDONLY)) == -1 )
data/gnupg2-2.2.20/common/dotlock.c:577:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      || (buffer[10] = 0, pid = atoi (buffer)) == -1
data/gnupg2-2.2.20/common/dotlock.c:648:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pidstr[16];
data/gnupg2-2.2.20/common/dotlock.c:697:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fd = open (h->tname, O_WRONLY|O_CREAT|O_EXCL,
data/gnupg2-2.2.20/common/dotlock.c:1027:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          fd = open (h->lockname, O_WRONLY|O_CREAT|O_EXCL,
data/gnupg2-2.2.20/common/dotlock.c:1044:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char pidstr[16];
data/gnupg2-2.2.20/common/dynload.h:80:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[32];
data/gnupg2-2.2.20/common/exechelp-posix.c:128:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            x = atoi (s);
data/gnupg2-2.2.20/common/exechelp-posix.c:309:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          fds[i] = open ("/dev/null", i? O_WRONLY : O_RDONLY);
data/gnupg2-2.2.20/common/exechelp-w32ce.c:102:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/common/exechelp-w32ce.c:367:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fdbuf[3*30];
data/gnupg2-2.2.20/common/exechelp-w32ce.c:375:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (p, "-&S0=null ");
data/gnupg2-2.2.20/common/exechelp-w32ce.c:381:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (p, "-&S1=null ");
data/gnupg2-2.2.20/common/exechelp-w32ce.c:387:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (p, "-&S2=null ");
data/gnupg2-2.2.20/common/exectool.c:176:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (newbuffer, state->buffer, state->used);
data/gnupg2-2.2.20/common/exectool.c:198:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/common/exectool.c:328:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char extrafdbuf[20];
data/gnupg2-2.2.20/common/get-passphrase.c:154:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/common/get-passphrase.c:243:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/common/gettime.c:94:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (result, tp, sizeof *result);
data/gnupg2-2.2.20/common/gettime.c:191:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    year = atoi(string);
data/gnupg2-2.2.20/common/gettime.c:192:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    month = atoi(string+5);
data/gnupg2-2.2.20/common/gettime.c:193:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    day = atoi(string+8);
data/gnupg2-2.2.20/common/gettime.c:324:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (atime, string, 15);
data/gnupg2-2.2.20/common/gettime.c:567:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buffer[30];
data/gnupg2-2.2.20/common/gettime.c:579:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buffer,"%uy%ud%uh%um", years, days, hours, minutes );
data/gnupg2-2.2.20/common/gettime.c:633:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[11+5];
data/gnupg2-2.2.20/common/gettime.c:639:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (buffer, "????" "-??" "-??");
data/gnupg2-2.2.20/common/gettime.c:657:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[25+5];
data/gnupg2-2.2.20/common/gettime.c:663:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (buffer, "????" "-??" "-??" " " "??" ":" "??" ":" "??");
data/gnupg2-2.2.20/common/gettime.c:682:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[50];
data/gnupg2-2.2.20/common/gettime.c:684:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char fmt[50];
data/gnupg2-2.2.20/common/gettime.c:691:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (buffer, "????" "-??" "-??");
data/gnupg2-2.2.20/common/gettime.c:700:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat( fmt, " %Z");
data/gnupg2-2.2.20/common/gettime.c:906:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (d, s, 15);
data/gnupg2-2.2.20/common/gettime.h:39:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char gnupg_isotime_t[16];
data/gnupg2-2.2.20/common/helpfile.c:47:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[256];
data/gnupg2-2.2.20/common/helpfile.c:51:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (fname, "r");
data/gnupg2-2.2.20/common/helpfile.c:176:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (stpcpy (ext, locname), ".txt");
data/gnupg2-2.2.20/common/helpfile.c:189:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy (p, ".txt");
data/gnupg2-2.2.20/common/helpfile.c:199:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (ext, "txt");
data/gnupg2-2.2.20/common/homedir.c:251:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char path[MAX_PATH];
data/gnupg2-2.2.20/common/homedir.c:265:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy (stpcpy (tmp, path), "\\gnupg");
data/gnupg2-2.2.20/common/homedir.c:365:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (fname + strlen (fname) - 3, "ctl");
data/gnupg2-2.2.20/common/homedir.c:388:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char dir[MAX_PATH+5];
data/gnupg2-2.2.20/common/homedir.c:394:7:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      wchar_t wdir [MAX_PATH+5];
data/gnupg2-2.2.20/common/homedir.c:443:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char path[MAX_PATH];
data/gnupg2-2.2.20/common/homedir.c:457:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy (stpcpy (tmp, path), "\\GNU");
data/gnupg2-2.2.20/common/homedir.c:531:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char path[MAX_PATH];
data/gnupg2-2.2.20/common/homedir.c:591:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char prefix[19 + 1 + 20 + 6 + 1];
data/gnupg2-2.2.20/common/homedir.c:632:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat (prefix, "/gnupg");
data/gnupg2-2.2.20/common/homedir.c:672:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char sha1buf[20];
data/gnupg2-2.2.20/common/homedir.c:906:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char path[MAX_PATH];
data/gnupg2-2.2.20/common/i18n.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lc_messages[1];
data/gnupg2-2.2.20/common/init.c:266:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            fd = _assuan_w32ce_finish_pipe (atoi (s+5), s[3] != '0');
data/gnupg2-2.2.20/common/iobuf.c:96:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];       /* Name of the file.  */
data/gnupg2-2.2.20/common/iobuf.c:107:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];       /* Name of the file.  */
data/gnupg2-2.2.20/common/iobuf.c:116:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];
data/gnupg2-2.2.20/common/iobuf.c:132:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];	/* Name of the file */
data/gnupg2-2.2.20/common/iobuf.c:353:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  return open (fname, oflag, cflag);
data/gnupg2-2.2.20/common/iobuf.c:925:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy (a->buffer + a->buflen, buf, size);
data/gnupg2-2.2.20/common/iobuf.c:969:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy (a->buffer, p, nbytes);
data/gnupg2-2.2.20/common/iobuf.c:1069:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (buf, "?", 2);
data/gnupg2-2.2.20/common/iobuf.c:1344:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (fcx->fname, "[fd %d]", fd);
data/gnupg2-2.2.20/common/iobuf.c:1382:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (fcx->fname, "[fd %p]", estream);
data/gnupg2-2.2.20/common/iobuf.c:1406:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (scx->fname, "[sock %d]", fd);
data/gnupg2-2.2.20/common/iobuf.c:1579:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (b, a, sizeof *b);
data/gnupg2-2.2.20/common/iobuf.c:1684:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (a, b, sizeof *a);
data/gnupg2-2.2.20/common/iobuf.c:1726:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (a, b, sizeof *a);
data/gnupg2-2.2.20/common/iobuf.c:1807:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (a, b, sizeof *a);
data/gnupg2-2.2.20/common/iobuf.c:1886:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy (a, b, sizeof *a);
data/gnupg2-2.2.20/common/iobuf.c:2031:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (buf, a->d.buf + a->d.start, size);
data/gnupg2-2.2.20/common/iobuf.c:2095:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buf, &a->d.buf[a->d.start], n);
data/gnupg2-2.2.20/common/iobuf.c:2143:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (a->d.buf + a->d.len, buf, size);
data/gnupg2-2.2.20/common/iobuf.c:2204:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer, a->d.buf, n);
data/gnupg2-2.2.20/common/ksba-io-support.c:58:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char line[1024];
data/gnupg2-2.2.20/common/ksba-io-support.c:98:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char radbuf[4];
data/gnupg2-2.2.20/common/ksba-io-support.c:119:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char bintoasc[64] =
data/gnupg2-2.2.20/common/ksba-io-support.c:124:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char asctobin[256] = {
data/gnupg2-2.2.20/common/ksba-io-support.c:431:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char radbuf[4];
data/gnupg2-2.2.20/common/logging.c:104:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prefix_buffer[80];
data/gnupg2-2.2.20/common/logging.c:149:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/common/logging.c:265:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (srvr_addr_un.sun_path, "/S.log");
data/gnupg2-2.2.20/common/logging.c:534:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        cookie->fd = open (name, O_WRONLY|O_APPEND|O_CREAT,
data/gnupg2-2.2.20/common/membuf.c:114:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (mb->buf + mb->len, buf, len);
data/gnupg2-2.2.20/common/miscellaneous.c:217:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[2];
data/gnupg2-2.2.20/common/miscellaneous.c:307:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(d, "x%02x", *p );
data/gnupg2-2.2.20/common/mischelp.c:196:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy(old_zone,"TZ=");
data/gnupg2-2.2.20/common/name-value.c:175:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[LINELEN+3];
data/gnupg2-2.2.20/common/name-value.c:314:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, start, l);
data/gnupg2-2.2.20/common/openpgp-oid.c:223:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    p += sprintf (p, "0.%d", buf[n]);
data/gnupg2-2.2.20/common/openpgp-oid.c:225:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    p += sprintf (p, "1.%d", buf[n]-40);
data/gnupg2-2.2.20/common/openpgp-oid.c:238:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (p, "2.%lu", val);
data/gnupg2-2.2.20/common/openpgp-oid.c:251:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (p, ".%lu", val);
data/gnupg2-2.2.20/common/recsel.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];         /* Name of the property.  */
data/gnupg2-2.2.20/common/session-env.c:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];   /* Nul terminated Name and space for the value.  */
data/gnupg2-2.2.20/common/session-env.c:204:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (se->array[idx]->value, value, valuelen);
data/gnupg2-2.2.20/common/session-env.c:242:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (var->name, string, namelen);
data/gnupg2-2.2.20/common/sexputil.c:280:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[50], *numbufp;
data/gnupg2-2.2.20/common/sexputil.c:321:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[50];
data/gnupg2-2.2.20/common/sexputil.c:350:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer, s, n);
data/gnupg2-2.2.20/common/sexputil.c:371:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mlen_str[35];
data/gnupg2-2.2.20/common/sexputil.c:372:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char elen_str[35];
data/gnupg2-2.2.20/common/sexputil.c:405:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, m, mlen);
data/gnupg2-2.2.20/common/sexputil.c:411:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, e, elen);
data/gnupg2-2.2.20/common/sexputil.c:522:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char algoname[6];
data/gnupg2-2.2.20/common/sexputil.c:533:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (algoname, s, n);
data/gnupg2-2.2.20/common/simple-pwquery.c:301:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", s[i]);
data/gnupg2-2.2.20/common/simple-pwquery.c:407:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (line, "GET_PASSPHRASE ");
data/gnupg2-2.2.20/common/simple-pwquery.c:461:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[500];
data/gnupg2-2.2.20/common/simple-pwquery.c:469:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (line, "CLEAR_PASSPHRASE ");
data/gnupg2-2.2.20/common/ssh-utils.c:195:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          unsigned char lenbuf[4];
data/gnupg2-2.2.20/common/ssh-utils.c:250:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*r_fpr, algo_name, strlen (algo_name));
data/gnupg2-2.2.20/common/ssh-utils.c:316:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*r_fpr, gcry_md_read (md, algo), *r_len);
data/gnupg2-2.2.20/common/stringhelp.c:413:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[32];
data/gnupg2-2.2.20/common/stringhelp.c:552:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (home_buffer, p, p - name + 1);
data/gnupg2-2.2.20/common/stringhelp.c:750:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char strerr[256];
data/gnupg2-2.2.20/common/stringhelp.c:1138:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[48];
data/gnupg2-2.2.20/common/stringhelp.h:107:28:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#  define memmove(d, s, n) bcopy((s), (d), (n))
data/gnupg2-2.2.20/common/strlist.h:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char d[1];
data/gnupg2-2.2.20/common/sysutils.c:432:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        return notranslate? atoi (fname)
data/gnupg2-2.2.20/common/sysutils.c:433:56:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          /**/            : translate_sys2libc_fd_int (atoi (fname), for_write);
data/gnupg2-2.2.20/common/sysutils.c:449:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t buffer[MAX_PATH+7+12+1];
data/gnupg2-2.2.20/common/sysutils.c:453:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[MAX_PATH+7+12+1];
data/gnupg2-2.2.20/common/sysutils.c:475:3:  [2] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
  wcscpy (p, L"_gnupg");
data/gnupg2-2.2.20/common/sysutils.c:496:7:  [2] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
      wcscpy (p, L".tmp");
data/gnupg2-2.2.20/common/sysutils.c:498:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (p, ".tmp");
data/gnupg2-2.2.20/common/sysutils.c:537:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
  return tmpfile ();
data/gnupg2-2.2.20/common/sysutils.c:562:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if (open ("/dev/null",O_RDONLY) == STDIN_FILENO)
data/gnupg2-2.2.20/common/sysutils.c:570:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if (open ("/dev/null",O_WRONLY) == STDOUT_FILENO)
data/gnupg2-2.2.20/common/sysutils.c:578:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if (open ("/dev/null", O_WRONLY) == STDERR_FILENO)
data/gnupg2-2.2.20/common/sysutils.c:925:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[10];
data/gnupg2-2.2.20/common/sysutils.c:1238:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char _buf[sizeof (struct inotify_event) + 255 + 1];
data/gnupg2-2.2.20/common/sysutils.c:1320:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (name, un.sun_path, namelen);
data/gnupg2-2.2.20/common/t-b64.c:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[50];
data/gnupg2-2.2.20/common/t-b64.c:77:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fname ? fopen (fname, "r") : stdin;
data/gnupg2-2.2.20/common/t-b64.c:110:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[50];
data/gnupg2-2.2.20/common/t-b64.c:113:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fname ? fopen (fname, "r") : stdin;
data/gnupg2-2.2.20/common/t-convert.c:72:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[20];
data/gnupg2-2.2.20/common/t-convert.c:164:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[20];
data/gnupg2-2.2.20/common/t-convert.c:218:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char stuff[20+1] = ("\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa"
data/gnupg2-2.2.20/common/t-convert.c:221:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[2*20+1];
data/gnupg2-2.2.20/common/t-convert.c:250:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char stuff[20+1] = ("\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa"
data/gnupg2-2.2.20/common/t-convert.c:254:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[3*20+1];
data/gnupg2-2.2.20/common/t-convert.c:358:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[20];
data/gnupg2-2.2.20/common/t-convert.c:389:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmpbuf[100];
data/gnupg2-2.2.20/common/t-exechelp.c:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[100];
data/gnupg2-2.2.20/common/t-exectool.c:214:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char binjunk[256];
data/gnupg2-2.2.20/common/t-iobuf.c:115:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (buf, &state->buffer[state->pos], toread);
data/gnupg2-2.2.20/common/t-iobuf.c:331:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[4096];
data/gnupg2-2.2.20/common/t-iobuf.c:368:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[10];
data/gnupg2-2.2.20/common/t-openpgp-oid.c:107:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char der[10];
data/gnupg2-2.2.20/common/t-openpgp-oid.c:133:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, samples[idx].der, samples[idx].der[0]+1);
data/gnupg2-2.2.20/common/t-session-env.c:224:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[100];
data/gnupg2-2.2.20/common/t-session-env.c:243:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[100];
data/gnupg2-2.2.20/common/t-session-env.c:265:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[100];
data/gnupg2-2.2.20/common/t-ssh-utils.c:212:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (fname, "rb");
data/gnupg2-2.2.20/common/t-ssh-utils.c:280:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char grip[20];
data/gnupg2-2.2.20/common/t-ssh-utils.c:295:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	s = fopen (name, "w");
data/gnupg2-2.2.20/common/t-stringhelp.c:496:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *fields_expected[10];
data/gnupg2-2.2.20/common/t-stringhelp.c:557:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *fields_expected[10];
data/gnupg2-2.2.20/common/t-stringhelp.c:695:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *fields_expected[10];
data/gnupg2-2.2.20/common/t-stringhelp.c:720:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[10];
data/gnupg2-2.2.20/common/t-stringhelp.c:770:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *fields_expected[10];
data/gnupg2-2.2.20/common/t-stringhelp.c:795:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[10];
data/gnupg2-2.2.20/common/t-sysutils.c:48:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[100];
data/gnupg2-2.2.20/common/t-zb32.c:155:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen (fname, "rb");
data/gnupg2-2.2.20/common/ttyio.c:127:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[L_ctermid];
data/gnupg2-2.2.20/common/ttyio.c:193:33:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ttyfp = batchmode? stderr : fopen (tty_get_ttyname (), "r+");
data/gnupg2-2.2.20/common/userids.c:301:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buf[9];
data/gnupg2-2.2.20/common/utf8conv.c:158:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      static char codepage[30];
data/gnupg2-2.2.20/common/utf8conv.c:174:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (codepage, "CP%u", cpno );
data/gnupg2-2.2.20/common/utf8conv.c:211:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      static char codepage[30];
data/gnupg2-2.2.20/common/utf8conv.c:214:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (codepage, "iso-8859-1");
data/gnupg2-2.2.20/common/utf8conv.c:232:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (codepage, dot, mod - dot);
data/gnupg2-2.2.20/common/utf8conv.c:411:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char encbuf[8];
data/gnupg2-2.2.20/common/utf8conv.c:437:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		      sprintf (p, "\\x%02x", *s);
data/gnupg2-2.2.20/common/utf8conv.c:469:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			      sprintf (p, "x%02x", *s);
data/gnupg2-2.2.20/common/utf8conv.c:521:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		      sprintf (p, "\\x%02x", *s);
data/gnupg2-2.2.20/common/utf8conv.c:534:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		      sprintf (p, "\\x%02x", encbuf[i]);
data/gnupg2-2.2.20/common/utf8conv.c:537:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf (p, "\\x%02x", *s);
data/gnupg2-2.2.20/common/utf8conv.c:601:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				  sprintf (p, "\\x%02x", encbuf[i]);
data/gnupg2-2.2.20/common/utf8conv.c:767:7:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  n = MultiByteToWideChar (codepage, 0, string, -1, NULL, 0);
data/gnupg2-2.2.20/common/utf8conv.c:784:7:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  n = MultiByteToWideChar (codepage, 0, string, -1, result, n);
data/gnupg2-2.2.20/common/util.h:161:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char radbuf[4];
data/gnupg2-2.2.20/common/zb32.c:48:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char const zb32asc[32] = {'y','b','n','d','r','f','g','8',
data/gnupg2-2.2.20/dirmngr/cdb.h:17:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
cdbi_t cdb_unpack(const unsigned char buf[4]);
data/gnupg2-2.2.20/dirmngr/cdb.h:18:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void cdb_pack(cdbi_t num, unsigned char buf[4]);
data/gnupg2-2.2.20/dirmngr/cdb.h:71:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cdb_buf[4096];		/* write buffer */
data/gnupg2-2.2.20/dirmngr/cdblib.c:209:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, cdbp->cdb_mem + pos, len);
data/gnupg2-2.2.20/dirmngr/cdblib.c:480:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rbuf[64];	/* read buffer */
data/gnupg2-2.2.20/dirmngr/cdblib.c:536:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
cdb_unpack(const unsigned char buf[4])
data/gnupg2-2.2.20/dirmngr/cdblib.c:556:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rlen[8];
data/gnupg2-2.2.20/dirmngr/cdblib.c:595:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rlen[8];
data/gnupg2-2.2.20/dirmngr/cdblib.c:667:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[64]; /*XXX cdb_buf may be used here instead */
data/gnupg2-2.2.20/dirmngr/cdblib.c:741:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
cdb_pack(cdbi_t num, unsigned char buf[4])
data/gnupg2-2.2.20/dirmngr/cdblib.c:786:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cdbmp->cdb_bpos, ptr, l);
data/gnupg2-2.2.20/dirmngr/cdblib.c:800:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cdbmp->cdb_bpos, ptr, len);
data/gnupg2-2.2.20/dirmngr/certcache.c:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];    /* The fingerprint of this object. */
data/gnupg2-2.2.20/dirmngr/certcache.c:182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[40];
data/gnupg2-2.2.20/dirmngr/certcache.c:219:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (digest, gcry_md_read (md, GCRY_MD_SHA1), 20);
data/gnupg2-2.2.20/dirmngr/certcache.c:270:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char help_fpr_buffer[20], *fpr;
data/gnupg2-2.2.20/dirmngr/certcache.c:338:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ci->fpr, fpr, 20);
data/gnupg2-2.2.20/dirmngr/certcache.c:912:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/dirmngr/certcache.c:1648:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/dirmngr/certcache.h:119:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];  /* of the certificate.  */
data/gnupg2-2.2.20/dirmngr/crlcache.c:305:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[300];
data/gnupg2-2.2.20/dirmngr/crlcache.c:329:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (largebuf, buf, len);
data/gnupg2-2.2.20/dirmngr/crlcache.c:575:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              entry->invalid = atoi (line+1);
data/gnupg2-2.2.20/dirmngr/crlcache.c:980:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char bname[50];
data/gnupg2-2.2.20/dirmngr/crlcache.c:983:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (bname, "crl-", 4);
data/gnupg2-2.2.20/dirmngr/crlcache.c:984:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (bname + 4, issuer_hash, 40);
data/gnupg2-2.2.20/dirmngr/crlcache.c:985:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (bname + 44, ".db");
data/gnupg2-2.2.20/dirmngr/crlcache.c:1022:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buffer, "%.100s/%.100s:%d", DBDIR_D, DBDIRFILE, DBDIRVERSION);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1044:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (md5buffer, gcry_md_read (md5, GCRY_MD_MD5), 16);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1054:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer1[16], buffer2[16];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1145:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open (fname, O_RDONLY | O_BINARY);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1358:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          unsigned char record[16];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1428:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char snbuf_buffer[50];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1464:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char issuerhash[20];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1465:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char issuerhash_hex[41];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1482:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (tmp, "%02X", issuerhash[i]);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1578:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char algoname[50];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1746:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char record[1+15];
data/gnupg2-2.2.20/dirmngr/crlcache.c:1761:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (record+1, rdate, 15);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1950:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat (string, "\x01");
data/gnupg2-2.2.20/dirmngr/crlcache.c:2059:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd_cdb = open (fname, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
data/gnupg2-2.2.20/dirmngr/crlcache.c:2099:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md5buf[16];
data/gnupg2-2.2.20/dirmngr/crlcache.c:2322:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char keyrecord[256];
data/gnupg2-2.2.20/dirmngr/crlcache.c:2323:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char record[16];
data/gnupg2-2.2.20/dirmngr/crlfetch.c:460:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (*value, cert_image, cert_image_n);
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:116:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char asctobin[256]; /* runtime initialized */
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:471:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fname? fopen (fname, "r") : stdin;
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:488:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char tmp[2];
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:632:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fname? fopen (fname, "rb") : stdin;
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:816:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", *s);
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:865:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", *s);
data/gnupg2-2.2.20/dirmngr/dirmngr.c:457:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (debug_level) : 0;
data/gnupg2-2.2.20/dirmngr/dirmngr.c:794:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char prefix[10+20];
data/gnupg2-2.2.20/dirmngr/dirmngr.c:946:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1367:27:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                       && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1623:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1688:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[256];
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1832:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (opt.config_filename, "r");
data/gnupg2-2.2.20/dirmngr/dirmngr.c:2110:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char _buf[sizeof (struct inotify_event) + 100 + 1];
data/gnupg2-2.2.20/dirmngr/dirmngr.c:2301:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char threadname[50];
data/gnupg2-2.2.20/dirmngr/dirmngr.h:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char uri[1];              /* The original URI.  */
data/gnupg2-2.2.20/dirmngr/dirmngr.h:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[20+20+1];
data/gnupg2-2.2.20/dirmngr/dirmngr.h:174:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:329:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          myopt->port = atoi (p);
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:531:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              unsigned char tmp[5];
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:555:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  unsigned char tmp[5];
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:613:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *host, *dn, *filter, *attrs[2], *attr;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:145:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tor_nameserver[40+20];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:148:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tor_socks_user[30];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:149:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tor_socks_password[20];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:830:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portstr_[21];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:933:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (dai->addr, ent->ai_addr, ent->ai_addrlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:973:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portstr[21];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1051:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (dai->addr, ai->ai_addr, ai->ai_addrlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1388:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          if (atoi (s+1) > 255)
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1428:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1500:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (*r_key, rp, len);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1529:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*r_key, rp, len);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1548:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*r_fpr, rp+1, *r_fprlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1563:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*r_url, rp + *r_fprlen + 1, len - (*r_fprlen + 1));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1686:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*r_key, pt, dlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1719:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (*r_key, pt, dlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1738:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (*r_fpr, &pt[1], *r_fprlen);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1753:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (*r_url, &pt[*r_fprlen + 1],
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1864:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1963:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ans[2048];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2150:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (&temp,&(*list)[j],sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2151:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (&(*list)[j],&(*list)[i],sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2152:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (&(*list)[i],&temp,sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2195:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(&temp,&(*list)[j],sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2196:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(&(*list)[j],&(*list)[i],sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2197:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(&(*list)[i],&temp,sizeof(struct srventry));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2299:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ans[2048];
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2438:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char buffer[46];
data/gnupg2-2.2.20/dirmngr/dns-stuff.h:91:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char target[1025];
data/gnupg2-2.2.20/dirmngr/dns.c:221:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define dns_static_assert(cond, msg) extern char DNS_PP_XPASTE(dns_assert_, __LINE__)[sizeof (int[1 - 2*!(cond)])]
data/gnupg2-2.2.20/dirmngr/dns.c:496:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(tea->key, key, sizeof tea->key);
data/gnupg2-2.2.20/dirmngr/dns.c:659:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static const unsigned char sbox[256] =
data/gnupg2-2.2.20/dirmngr/dns.c:789:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dst, src, n);
data/gnupg2-2.2.20/dirmngr/dns.c:930:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char a_path[DNS_SUNPATHMAX + 1], b_path[sizeof a_path];
data/gnupg2-2.2.20/dirmngr/dns.c:1280:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mode_cloexec[32];
data/gnupg2-2.2.20/dirmngr/dns.c:1292:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!(fp = fopen(path, mode_cloexec)))
data/gnupg2-2.2.20/dirmngr/dns.c:1297:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!(fp = fopen(path, mode_cloexec))) {
data/gnupg2-2.2.20/dirmngr/dns.c:1300:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		if (!(fp = fopen(path, mode)))
data/gnupg2-2.2.20/dirmngr/dns.c:1335:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char ln[sizeof tmpl];
data/gnupg2-2.2.20/dirmngr/dns.c:1344:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(ln, tmpl, sizeof ln);
data/gnupg2-2.2.20/dirmngr/dns.c:1507:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(b->p, src, n);
data/gnupg2-2.2.20/dirmngr/dns.c:1896:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(P->data, P0->data, P->end);
data/gnupg2-2.2.20/dirmngr/dns.c:2204:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char line[sizeof (union dns_any) * 2];
data/gnupg2-2.2.20/dirmngr/dns.c:2345:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:2385:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, &data[src], DNS_PP_MIN(lim, len));
data/gnupg2-2.2.20/dirmngr/dns.c:2509:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			((char *)dst)[DNS_PP_MIN(len, lim - 1)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2522:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	if (((const char *)src)[len - 1] != '.') {
data/gnupg2-2.2.20/dirmngr/dns.c:2524:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			((char *)dst)[len]	= '.';
data/gnupg2-2.2.20/dirmngr/dns.c:2529:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		((char *)dst)[DNS_PP_MIN(lim - 1, len)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2554:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		((char *)dst)[DNS_PP_MIN(lim - 1, len)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2606:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		struct { unsigned char label[DNS_D_MAXLABEL + 1]; size_t len; unsigned short p, x, y; } a, b;
data/gnupg2-2.2.20/dirmngr/dns.c:2703:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
						((unsigned char *)dst)[dstp]	= '.';
data/gnupg2-2.2.20/dirmngr/dns.c:2710:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
					((unsigned char *)dst)[DNS_PP_MIN(dstp, lim - 1)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2721:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&((unsigned char *)dst)[dstp], &P->data[src], DNS_PP_MIN(len, lim - dstp));
data/gnupg2-2.2.20/dirmngr/dns.c:2721:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				memcpy(&((unsigned char *)dst)[dstp], &P->data[src], DNS_PP_MIN(len, lim - dstp));
data/gnupg2-2.2.20/dirmngr/dns.c:2727:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				((unsigned char *)dst)[dstp]	= '.';
data/gnupg2-2.2.20/dirmngr/dns.c:2756:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		((unsigned char *)dst)[DNS_PP_MIN(dstp, lim - 1)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2763:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		((unsigned char *)dst)[DNS_PP_MIN(dstp, lim - 1)]	= '\0';
data/gnupg2-2.2.20/dirmngr/dns.c:2790:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:2826:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char dn[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:2981:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host0[DNS_D_MAXNAME + 1], host1[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:3052:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char dn[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:3379:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr[INET_ADDRSTRLEN + 1]	= "0.0.0.0";
data/gnupg2-2.2.20/dirmngr/dns.c:3391:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(aaaa->addr.s6_addr, &P->data[rr->rd.p], sizeof aaaa->addr.s6_addr);
data/gnupg2-2.2.20/dirmngr/dns.c:3404:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&P->data[P->end], aaaa->addr.s6_addr, sizeof aaaa->addr.s6_addr);
data/gnupg2-2.2.20/dirmngr/dns.c:3426:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static const unsigned char hex[16] = "0123456789abcdef";
data/gnupg2-2.2.20/dirmngr/dns.c:3448:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr[INET6_ADDRSTRLEN + 1]	= "::";
data/gnupg2-2.2.20/dirmngr/dns.c:4058:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(fp->digest.sha1, &P->data[p], sizeof fp->digest.sha1);
data/gnupg2-2.2.20/dirmngr/dns.c:4084:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&P->data[p], fp->digest.sha1, sizeof fp->digest.sha1);
data/gnupg2-2.2.20/dirmngr/dns.c:4119:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static const unsigned char hex[16] = "0123456789abcdef";
data/gnupg2-2.2.20/dirmngr/dns.c:4181:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&dst.b[dst.p], &src.b[src.p], n);
data/gnupg2-2.2.20/dirmngr/dns.c:4224:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&dst.b[dst.p], &src.b[src.p], n);
data/gnupg2-2.2.20/dirmngr/dns.c:4351:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(any->rdata.data, &P->data[rr->rd.p], rr->rd.len);
data/gnupg2-2.2.20/dirmngr/dns.c:4370:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&P->data[P->end], any->rdata.data, any->rdata.len);
data/gnupg2-2.2.20/dirmngr/dns.c:4459:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:4508:20:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
	} else if (!(fp = tmpfile())) {
data/gnupg2-2.2.20/dirmngr/dns.c:4593:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(te, &tmp, offsetof(struct dns_trace_event, data));
data/gnupg2-2.2.20/dirmngr/dns.c:4616:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&tmp, te, headsize);
data/gnupg2-2.2.20/dirmngr/dns.c:4640:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&cname->addr, addr, DNS_PP_MIN(dns_sa_len(addr), sizeof cname->addr));
data/gnupg2-2.2.20/dirmngr/dns.c:4692:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&te.so_submit.haddr, haddr, DNS_PP_MIN(dns_sa_len(haddr), sizeof te.so_submit.haddr));
data/gnupg2-2.2.20/dirmngr/dns.c:4730:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&te.sys_connect.dst, dst, DNS_PP_MIN(dns_sa_len(dst), sizeof te.sys_connect.dst));
data/gnupg2-2.2.20/dirmngr/dns.c:4772:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(packet->data, data, datasize);
data/gnupg2-2.2.20/dirmngr/dns.c:4809:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char line[128];
data/gnupg2-2.2.20/dirmngr/dns.c:4829:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char ip[INET6_ADDRSTRLEN + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:4844:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char time_s[48], elapsed_s[48];
data/gnupg2-2.2.20/dirmngr/dns.c:5032:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5033:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char arpa[73 + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5133:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char word[DNS_PP_MAX(INET6_ADDRSTRLEN, DNS_D_MAXNAME) + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5210:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr[INET6_ADDRSTRLEN + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5244:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&ent->addr.a6, addr, sizeof ent->addr.a6);
data/gnupg2-2.2.20/dirmngr/dns.c:5250:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&ent->addr.a4, addr, sizeof ent->addr.a4);
data/gnupg2-2.2.20/dirmngr/dns.c:5278:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:5284:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5553:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	struct { char buf[128], *p; } addr = { "", addr.buf };
data/gnupg2-2.2.20/dirmngr/dns.c:5603:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char words[6][DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:5811:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *token[16];
data/gnupg2-2.2.20/dirmngr/dns.c:5813:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024], *tp, *cp;
data/gnupg2-2.2.20/dirmngr/dns.c:6042:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static const char map[DNS_NSSCONF_LAST] = {
data/gnupg2-2.2.20/dirmngr/dns.c:6058:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static const char *const map[DNS_NSSCONF_LAST] = {
data/gnupg2-2.2.20/dirmngr/dns.c:6078:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char lookup[sizeof resconf->lookup] = "", *lp;
data/gnupg2-2.2.20/dirmngr/dns.c:6396:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char addr[INET6_ADDRSTRLEN + 1]	= "[INVALID]";
data/gnupg2-2.2.20/dirmngr/dns.c:6465:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char addr[INET6_ADDRSTRLEN + 1]	= "[INVALID]";
data/gnupg2-2.2.20/dirmngr/dns.c:6482:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char zone[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:6594:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char addr[INET6_ADDRSTRLEN];
data/gnupg2-2.2.20/dirmngr/dns.c:6682:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&soa->addrs[i].ss, sa, dns_sa_len(sa));
data/gnupg2-2.2.20/dirmngr/dns.c:6727:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&tmp.sin, &resconf->nameserver[i], sizeof tmp.sin);
data/gnupg2-2.2.20/dirmngr/dns.c:6840:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:6843:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char zone[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:6928:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr[INET6_ADDRSTRLEN];
data/gnupg2-2.2.20/dirmngr/dns.c:7145:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&tmp, local, dns_sa_len(local));
data/gnupg2-2.2.20/dirmngr/dns.c:7234:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:7324:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&so->local, local, dns_sa_len(local));
data/gnupg2-2.2.20/dirmngr/dns.c:7425:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&so->remote, host, dns_sa_len(host));
data/gnupg2-2.2.20/dirmngr/dns.c:7453:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:7824:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+buflen, so->opts.socks_user, ulen);
data/gnupg2-2.2.20/dirmngr/dns.c:7827:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+buflen, so->opts.socks_password, plen);
data/gnupg2-2.2.20/dirmngr/dns.c:7867:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+ 4, &addr_in6->sin6_addr.s6_addr, 16); /* DST.ADDR */
data/gnupg2-2.2.20/dirmngr/dns.c:7868:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+20, &addr_in6->sin6_port, 2);          /* DST.PORT */
data/gnupg2-2.2.20/dirmngr/dns.c:7873:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+4, &addr_in->sin_addr.s_addr, 4); /* DST.ADDR */
data/gnupg2-2.2.20/dirmngr/dns.c:7874:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (buffer+8, &addr_in->sin_port, 2);        /* DST.PORT */
data/gnupg2-2.2.20/dirmngr/dns.c:8181:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:8466:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:8468:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:8572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:8573:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char name[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:8856:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char addr[INET_ADDRSTRLEN + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:8992:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char addr[INET6_ADDRSTRLEN + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:9466:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:9483:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:9484:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char i_cname[DNS_D_MAXNAME + 1], g_cname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:9717:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&addr.sin.sin_addr, any, sizeof addr.sin.sin_addr);
data/gnupg2-2.2.20/dirmngr/dns.c:9726:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&addr.sin6.sin6_addr, any, sizeof addr.sin6.sin6_addr);
data/gnupg2-2.2.20/dirmngr/dns.c:9750:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(*ent)->ai_addr		= memcpy((unsigned char *)*ent + sizeof **ent, &addr, dns_sa_len(&addr));
data/gnupg2-2.2.20/dirmngr/dns.c:9754:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		(*ent)->ai_canonname	= memcpy((unsigned char *)*ent + sizeof **ent + dns_sa_len(&addr), cname, clen + 1);
data/gnupg2-2.2.20/dirmngr/dns.c:9784:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10012:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr[DNS_PP_MAX(INET_ADDRSTRLEN, INET6_ADDRSTRLEN) + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10096:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[16];
data/gnupg2-2.2.20/dirmngr/dns.c:10110:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _dst[DNS_STRMAXLEN + 1] = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10132:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char sbuf[128];
data/gnupg2-2.2.20/dirmngr/dns.c:10153:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[8];
data/gnupg2-2.2.20/dirmngr/dns.c:10160:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _dst[DNS_STRMAXLEN + 1] = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10197:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _dst[DNS_STRMAXLEN + 1] = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10233:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char dns_opcodes[16][16] = {
data/gnupg2-2.2.20/dirmngr/dns.c:10242:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _tmp[48] = "";
data/gnupg2-2.2.20/dirmngr/dns.c:10286:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char dns_rcodes[32][16] = {
data/gnupg2-2.2.20/dirmngr/dns.c:10354:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		const char *path[8];
data/gnupg2-2.2.20/dirmngr/dns.c:10383:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char line[128];
data/gnupg2-2.2.20/dirmngr/dns.c:10433:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(*dst + osize, src, len);
data/gnupg2-2.2.20/dirmngr/dns.c:10441:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char buf[1024];
data/gnupg2-2.2.20/dirmngr/dns.c:10579:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char omode[64] = "";
data/gnupg2-2.2.20/dirmngr/dns.c:10589:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!(fp = fopen(MAIN.trace, mode)))
data/gnupg2-2.2.20/dirmngr/dns.c:10611:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10612:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } Q_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10619:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pretty[sizeof any * 2];
data/gnupg2-2.2.20/dirmngr/dns.c:10654:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _p[DNS_D_MAXNAME + 1] = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10689:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char _p[DNS_D_MAXNAME + 1] = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10708:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char name[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10728:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		rp = atoi(argv[1]);
data/gnupg2-2.2.20/dirmngr/dns.c:10735:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(pkt->data, src, len);
data/gnupg2-2.2.20/dirmngr/dns.c:10821:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } Q_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10824:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10863:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10878:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	hi	= (--argc > 0)? atoi(argv[argc]) : 8;
data/gnupg2-2.2.20/dirmngr/dns.c:10879:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	lo	= (--argc > 0)? atoi(argv[argc]) : 0;
data/gnupg2-2.2.20/dirmngr/dns.c:10897:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		n = 0xffff & atoi(argv[argc]);
data/gnupg2-2.2.20/dirmngr/dns.c:10898:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		r = (--argc > 0)? (unsigned)atoi(argv[argc]) : dns_random();
data/gnupg2-2.2.20/dirmngr/dns.c:10913:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char b[32];
data/gnupg2-2.2.20/dirmngr/dns.c:10916:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	n	= (argc > 1)? atoi(argv[1]) : 32;
data/gnupg2-2.2.20/dirmngr/dns.c:10940:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } Q_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:10942:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[INET6_ADDRSTRLEN + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:10957:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&ss, &resconf()->nameserver[0], dns_sa_len(&resconf()->nameserver[0]));
data/gnupg2-2.2.20/dirmngr/dns.c:11005:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.c:11036:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:11121:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pretty[512];
data/gnupg2-2.2.20/dirmngr/dns.c:11202:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		union { unsigned char b[dns_p_calcsize((512))]; struct dns_packet p; } P_instance = { 0 };
data/gnupg2-2.2.20/dirmngr/dns.c:11502:70:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			*dns_sa_port(MAIN.socks_host.ss_family, &MAIN.socks_host) = htons(atoi(optarg));
data/gnupg2-2.2.20/dirmngr/dns.h:388:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		unsigned char data[1];
data/gnupg2-2.2.20/dirmngr/dns.h:572:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:591:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:610:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:629:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:630:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char rname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:648:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char host[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:672:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char target[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:707:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char data[DNS_OPT_MINDATA];
data/gnupg2-2.2.20/dirmngr/dns.h:744:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		unsigned char sha1[20];
data/gnupg2-2.2.20/dirmngr/dns.h:767:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char data[DNS_TXT_MINDATA];
data/gnupg2-2.2.20/dirmngr/dns.h:852:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char search[4][DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:855:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char lookup[4 * (1 + (4 * 2))];
data/gnupg2-2.2.20/dirmngr/dns.h:1216:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char qname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/dns.h:1228:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char hname[DNS_D_MAXNAME + 1];
data/gnupg2-2.2.20/dirmngr/domaininfo.c:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/dirmngr/http.c:276:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];   /* The name of the header (canonicalized). */
data/gnupg2-2.2.20/dirmngr/http.c:1446:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	      uri->port = atoi (p3);
data/gnupg2-2.2.20/dirmngr/http.c:1586:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (buffer, "%0D%0A", 6);
data/gnupg2-2.2.20/dirmngr/http.c:1592:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (buffer, "%0D%0A", 6);
data/gnupg2-2.2.20/dirmngr/http.c:2218:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char portstr[35];
data/gnupg2-2.2.20/dirmngr/http.c:2560:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  hd->status_code = atoi (p);
data/gnupg2-2.2.20/dirmngr/http.c:3717:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, origuri->original, origuri->off_host);
data/gnupg2-2.2.20/dirmngr/http.c:3719:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, locuri->original + locuri->off_host,
data/gnupg2-2.2.20/dirmngr/http.h:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1];	/* Buffer which holds a (modified) copy of the URI. */
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:107:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];      /* The hostname.  */
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1036:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portstr[10];
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1070:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (portstr, "443");
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1072:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (portstr, "11371");
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1417:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fprbuf[2+40+1];
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1568:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char kidbuf[2+40+1];
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[16];
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:694:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		  if (atoi (vals[0]) > 1)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:780:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi (vals[0]);
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:811:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      if (atoi (vals[0]) == 1)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1175:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		    if (atoi (vals[0]) > 0)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1176:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		      es_fprintf (fp, "%d", atoi (vals[0]));
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1207:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		    if (atoi (vals[0]) == 1)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1215:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		    if (atoi (vals[0]) ==1)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1697:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char padded[6];
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1700:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      val = atoi (fields[2]);
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1712:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int val = atoi (algo);
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1991:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (temp, info, infolen);
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:230:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     ((const unsigned char *)filter)[filter_i]);
data/gnupg2-2.2.20/dirmngr/ldap-url.c:619:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		ludp->lud_port = atoi( q );
data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4000];  /* Data ring buffer.  */
data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c:150:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (dst, BUFFER_CUR_READ_POS (cookie), chunk);
data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c:157:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (dst, BUFFER_CUR_READ_POS (cookie), left);
data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c:185:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (BUFFER_CUR_POS (cookie), src, chunk);
data/gnupg2-2.2.20/dirmngr/ldap-wrapper-ce.c:192:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (BUFFER_CUR_POS (cookie), src, left);
data/gnupg2-2.2.20/dirmngr/ldap-wrapper.c:243:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ctx->line + ctx->linelen, line, n);
data/gnupg2-2.2.20/dirmngr/ldap-wrapper.c:257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[256];
data/gnupg2-2.2.20/dirmngr/ldap.c:126:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[40];
data/gnupg2-2.2.20/dirmngr/ldap.c:128:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portbuf[30], timeoutbuf[30];
data/gnupg2-2.2.20/dirmngr/ldap.c:150:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (timeoutbuf, "%u", opt.ldaptimeout);
data/gnupg2-2.2.20/dirmngr/ldap.c:168:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (portbuf, "%d", port);
data/gnupg2-2.2.20/dirmngr/ldap.c:417:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (p, "%%%02X", *(const unsigned char *)s);
data/gnupg2-2.2.20/dirmngr/ldap.c:524:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *argv[50];
data/gnupg2-2.2.20/dirmngr/ldap.c:527:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portbuf[30], timeoutbuf[30];
data/gnupg2-2.2.20/dirmngr/ldap.c:696:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hdr[5];
data/gnupg2-2.2.20/dirmngr/ldapserver.c:94:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    server->port = atoi (p);
data/gnupg2-2.2.20/dirmngr/loadswdb.c:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[2];
data/gnupg2-2.2.20/dirmngr/loadswdb.c:127:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/dirmngr/loadswdb.c:201:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[3];
data/gnupg2-2.2.20/dirmngr/misc.c:60:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[20];
data/gnupg2-2.2.20/dirmngr/misc.c:104:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf ( certid+i , "%02X", *p);
data/gnupg2-2.2.20/dirmngr/misc.c:188:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/dirmngr/misc.c:207:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (digest, gcry_md_read (md, GCRY_MD_SHA1), 20);
data/gnupg2-2.2.20/dirmngr/misc.c:213:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf+strlen(buf), "%02X", digest[i]);
data/gnupg2-2.2.20/dirmngr/misc.c:222:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/dirmngr/misc.c:241:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (digest, gcry_md_read (md, GCRY_MD_SHA1), 20);
data/gnupg2-2.2.20/dirmngr/misc.c:247:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf+strlen(buf), "%02X:", digest[i]);
data/gnupg2-2.2.20/dirmngr/misc.c:426:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char textbuf[20];
data/gnupg2-2.2.20/dirmngr/misc.c:521:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      *port = atoi (p);
data/gnupg2-2.2.20/dirmngr/misc.c:645:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[512];
data/gnupg2-2.2.20/dirmngr/ocsp.c:167:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char nonce[32];
data/gnupg2-2.2.20/dirmngr/ocsp.c:463:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char hashalgostr[16+1];
data/gnupg2-2.2.20/dirmngr/server.c:538:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char request[100];
data/gnupg2-2.2.20/dirmngr/server.c:618:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/dirmngr/server.c:623:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/dirmngr/server.c:642:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/dirmngr/server.c:729:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char hashbuf[32]; /* For SHA-1 and SHA-256. */
data/gnupg2-2.2.20/dirmngr/server.c:845:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sha1buf[20];
data/gnupg2-2.2.20/dirmngr/server.c:852:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char portstr[20] = { 0 };
data/gnupg2-2.2.20/dirmngr/server.c:1370:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fprbuffer[20], *fpr;
data/gnupg2-2.2.20/dirmngr/server.c:1452:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fprbuffer[20], *fpr;
data/gnupg2-2.2.20/dirmngr/server.c:1739:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char str[50];
data/gnupg2-2.2.20/dirmngr/server.c:1741:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (str, "%d", count);
data/gnupg2-2.2.20/dirmngr/server.c:2024:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fpr[20];
data/gnupg2-2.2.20/dirmngr/server.c:2620:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[50];
data/gnupg2-2.2.20/dirmngr/server.c:3014:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[950], *p;
data/gnupg2-2.2.20/dirmngr/t-dns-stuff.c:140:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              set_dns_timeout (atoi (*argv));
data/gnupg2-2.2.20/dirmngr/t-http.c:254:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              tls_dbg = atoi (*argv);
data/gnupg2-2.2.20/dirmngr/validate.c:57:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20]; /* Fingerprint of the certificate.  */
data/gnupg2-2.2.20/dirmngr/validate.c:905:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char algo_name[16+1]; /* hash algorithm name converted to lower case. */
data/gnupg2-2.2.20/dirmngr/workqueue.c:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char args[1];
data/gnupg2-2.2.20/doc/mkdefsinc.c:272:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      switch (atoi (opt_date+5))
data/gnupg2-2.2.20/doc/mkdefsinc.c:290:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                atoi (opt_date+8), &monthoff, month, atoi (opt_date));
data/gnupg2-2.2.20/doc/mkdefsinc.c:290:54:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                atoi (opt_date+8), &monthoff, month, atoi (opt_date));
data/gnupg2-2.2.20/doc/yat2m.c:166:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/doc/yat2m.c:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];  /* Name of the condition macro.  */
data/gnupg2-2.2.20/doc/yat2m.c:362:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[11+5];
data/gnupg2-2.2.20/doc/yat2m.c:371:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (buffer, "????" "-??" "-??");
data/gnupg2-2.2.20/doc/yat2m.c:375:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (buffer,"%04d-%02d-%02d",
data/gnupg2-2.2.20/doc/yat2m.c:481:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  return !!atoi (m->value);
data/gnupg2-2.2.20/doc/yat2m.c:932:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cmdbuf[256];
data/gnupg2-2.2.20/doc/yat2m.c:1095:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          fp = fopen ( "/dev/null", "w" );
data/gnupg2-2.2.20/doc/yat2m.c:1103:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen ( thepage.name, "w" );
data/gnupg2-2.2.20/doc/yat2m.c:1402:29:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
              FILE *incfp = fopen (incname, "r");
data/gnupg2-2.2.20/doc/yat2m.c:1413:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                  incfp = fopen (incname, "r");
data/gnupg2-2.2.20/doc/yat2m.c:1629:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      FILE *fp = fopen (*argv, "rb");
data/gnupg2-2.2.20/g10/armor.c:633:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&buf[len],tempbuf,PARTIAL_CHUNK);
data/gnupg2-2.2.20/g10/armor.c:740:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&buf[len],tempbuf,tempbuf_len);
data/gnupg2-2.2.20/g10/armor.c:1018:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen("armor.out", "w");
data/gnupg2-2.2.20/g10/armor.c:1084:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(buf+n, sesmark, sesmarklen ); n+= sesmarklen;
data/gnupg2-2.2.20/g10/build-packet.c:252:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char lenhdr[2];
data/gnupg2-2.2.20/g10/build-packet.c:281:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[(MAX_EXTERN_MPI_BITS+7)/8+2]; /* 2 is for the mpi length. */
data/gnupg2-2.2.20/g10/build-packet.c:1062:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/g10/build-packet.c:1068:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/g10/build-packet.c:1073:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/g10/build-packet.c:1192:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&attrib[idx],header,headerlen);
data/gnupg2-2.2.20/g10/build-packet.c:1193:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&attrib[idx+headerlen],buf,buflen);
data/gnupg2-2.2.20/g10/build-packet.c:1207:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char preview[20];
data/gnupg2-2.2.20/g10/build-packet.c:1275:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(notation->name,string,s-string);
data/gnupg2-2.2.20/g10/build-packet.c:1388:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (notation->bdat, data, len);
data/gnupg2-2.2.20/g10/build-packet.c:1443:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(n->name,&p[8],n1);
data/gnupg2-2.2.20/g10/build-packet.c:1450:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(n->value,&p[8+n1],n2);
data/gnupg2-2.2.20/g10/build-packet.c:1459:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(n->bdat,&p[8+n1],n2);
data/gnupg2-2.2.20/g10/call-agent.c:160:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buf[32];
data/gnupg2-2.2.20/g10/call-agent.c:425:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, line, s-line);
data/gnupg2-2.2.20/g10/call-agent.c:468:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*serialno, line, n);
data/gnupg2-2.2.20/g10/call-agent.c:570:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          parm->chv1_cached = atoi (p);
data/gnupg2-2.2.20/g10/call-agent.c:577:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              parm->chvmaxlen[i] = atoi (p);
data/gnupg2-2.2.20/g10/call-agent.c:585:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              parm->chvretry[i] = atoi (p);
data/gnupg2-2.2.20/g10/call-agent.c:624:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int no = atoi (line);
data/gnupg2-2.2.20/g10/call-agent.c:638:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int no = atoi (line);
data/gnupg2-2.2.20/g10/call-agent.c:661:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      else if ((no = atoi (line+8)) == 1)
data/gnupg2-2.2.20/g10/call-agent.c:670:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int no = atoi (line);
data/gnupg2-2.2.20/g10/call-agent.c:886:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:924:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:982:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1042:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1077:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1098:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", *value);
data/gnupg2-2.2.20/g10/call-agent.c:1152:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1215:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1259:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1266:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (line, "SCD SERIALNO");
data/gnupg2-2.2.20/g10/call-agent.c:1294:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1335:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1418:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1427:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (line, "SCD GETINFO card_list");
data/gnupg2-2.2.20/g10/call-agent.c:1461:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1498:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1533:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1612:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1640:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1707:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1731:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1735:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/g10/call-agent.c:1798:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[6];
data/gnupg2-2.2.20/g10/call-agent.c:1825:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:1939:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2009:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2066:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2171:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      *r_padding = atoi (s);
data/gnupg2-2.2.20/g10/call-agent.c:2192:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2311:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2373:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2435:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2497:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.c:2542:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-agent.h:41:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *private_do[4]; /* malloced. */
data/gnupg2-2.2.20/g10/call-agent.h:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cafpr1[20];
data/gnupg2-2.2.20/g10/call-agent.h:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cafpr2[20];
data/gnupg2-2.2.20/g10/call-agent.h:47:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cafpr3[20];
data/gnupg2-2.2.20/g10/call-agent.h:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr1[20];
data/gnupg2-2.2.20/g10/call-agent.h:52:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr2[20];
data/gnupg2-2.2.20/g10/call-agent.h:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr3[20];
data/gnupg2-2.2.20/g10/call-agent.h:57:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char grp1[20];     /* The keygrip for OPENPGP.1 */
data/gnupg2-2.2.20/g10/call-agent.h:58:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char grp2[20];     /* The keygrip for OPENPGP.2 */
data/gnupg2-2.2.20/g10/call-agent.h:59:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char grp3[20];     /* The keygrip for OPENPGP.3 */
data/gnupg2-2.2.20/g10/call-dirmngr.c:507:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fixedbuf[256];
data/gnupg2-2.2.20/g10/call-dirmngr.c:546:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (fixedbuf, line, linelen);
data/gnupg2-2.2.20/g10/call-dirmngr.c:565:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (parm->helpbuf, line, linelen);
data/gnupg2-2.2.20/g10/call-dirmngr.c:599:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/g10/call-dirmngr.c:914:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      sprintf (&userid_escaped[w], "%%%02X", (byte) userid[r]);
data/gnupg2-2.2.20/g10/call-dirmngr.c:1007:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char validity[3];
data/gnupg2-2.2.20/g10/call-dirmngr.c:1032:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char validity[3];
data/gnupg2-2.2.20/g10/call-dirmngr.c:1079:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buffer[512];
data/gnupg2-2.2.20/g10/call-dirmngr.c:1184:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (parm->fpr, buf, (parm->fprlen = nbytes));
data/gnupg2-2.2.20/g10/card-util.c:1198:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/g10/card-util.c:1414:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      req_nbits = *answer? atoi (answer): nbits;
data/gnupg2-2.2.20/g10/card-util.c:1465:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      algo = *answer? atoi (answer) : 0;
data/gnupg2-2.2.20/g10/card-util.c:1565:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char args[100];
data/gnupg2-2.2.20/g10/card-util.c:1733:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      keyno = *answer? atoi(answer): 0;
data/gnupg2-2.2.20/g10/card-util.c:1824:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      keyno = *answer? atoi(answer): 0;
data/gnupg2-2.2.20/g10/card-util.c:2046:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char count_4byte[4];
data/gnupg2-2.2.20/g10/card-util.c:2058:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, h0, sizeof h0);
data/gnupg2-2.2.20/g10/card-util.c:2060:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, count_4byte, sizeof count_4byte);
data/gnupg2-2.2.20/g10/card-util.c:2062:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, h1, sizeof h1);
data/gnupg2-2.2.20/g10/card-util.c:2071:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, h2, sizeof h2);
data/gnupg2-2.2.20/g10/card-util.c:2075:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, h3, sizeof h3);
data/gnupg2-2.2.20/g10/card-util.c:2081:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, h4, sizeof h4);
data/gnupg2-2.2.20/g10/card-util.c:2089:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, h5, sizeof h5);
data/gnupg2-2.2.20/g10/card-util.c:2105:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char kdf_data[KDF_DATA_LENGTH_MAX];
data/gnupg2-2.2.20/g10/card-util.c:2253:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char serialnobuf[50];
data/gnupg2-2.2.20/g10/card-util.c:2333:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              arg_number = atoi(p);
data/gnupg2-2.2.20/g10/card-util.c:2377:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy (stpcpy (tmp, serialnobuf), "[CHV3]");
data/gnupg2-2.2.20/g10/cipher.c:171:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(temp+2, hash, 20);
data/gnupg2-2.2.20/g10/cpr.c:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[50];
data/gnupg2-2.2.20/g10/cpr.c:380:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[100];
data/gnupg2-2.2.20/g10/cpr.c:464:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (string, save, i);
data/gnupg2-2.2.20/g10/decrypt-data.c:44:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char defer[22];
data/gnupg2-2.2.20/g10/decrypt-data.c:113:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/gnupg2-2.2.20/g10/decrypt-data.c:121:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[25];
data/gnupg2-2.2.20/g10/decrypt-data.c:363:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (buf, buf+22, 22);
data/gnupg2-2.2.20/g10/decrypt-data.c:368:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (buf, dfx->defer, 22);
data/gnupg2-2.2.20/g10/decrypt-data.c:402:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dfx->defer, buf+n, 22 );
data/gnupg2-2.2.20/g10/decrypt-data.c:409:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (buf, buf+22, n );
data/gnupg2-2.2.20/g10/decrypt-data.c:414:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (buf, dfx->defer, 22 );
data/gnupg2-2.2.20/g10/decrypt-data.c:416:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dfx->defer, buf+n, 22 );
data/gnupg2-2.2.20/g10/decrypt.c:132:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char xname[64];
data/gnupg2-2.2.20/g10/decrypt.c:149:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char xname[64];
data/gnupg2-2.2.20/g10/decrypt.c:202:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char line[2048];
data/gnupg2-2.2.20/g10/dek.h:37:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char s2k_cacheid[1+16+1];
data/gnupg2-2.2.20/g10/ecdh.c:106:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char message[256];
data/gnupg2-2.2.20/g10/ecdh.c:263:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (secret_x, gcry_md_read (h, kdf_hash_algo),
data/gnupg2-2.2.20/g10/ecdh.c:383:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data_buf, p, nbytes);
data/gnupg2-2.2.20/g10/encrypt.c:95:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen );
data/gnupg2-2.2.20/g10/encrypt.c:107:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( enckey, buf, (*seskey)->keylen + 1 );
data/gnupg2-2.2.20/g10/encrypt.c:266:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (enc->seskey, enckey, seskeylen + 1 );
data/gnupg2-2.2.20/g10/encrypt.c:420:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( enc->seskey, enckey, seskeylen + 1 );
data/gnupg2-2.2.20/g10/encrypt.c:518:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char xname[64];
data/gnupg2-2.2.20/g10/encrypt.c:524:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy (xname, "[stdin]");
data/gnupg2-2.2.20/g10/encrypt.c:992:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char line[2048];
data/gnupg2-2.2.20/g10/exec.c:89:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      waitms = atoi (command);
data/gnupg2-2.2.20/g10/exec.c:184:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(p,"PATH=");
data/gnupg2-2.2.20/g10/exec.c:222:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(tmp,"c:\\windows\\temp");
data/gnupg2-2.2.20/g10/exec.c:542:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    (*info)->tochild=fopen((*info)->tempfile_in,binary?"wb":"w");
data/gnupg2-2.2.20/g10/export.c:267:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[15*20];
data/gnupg2-2.2.20/g10/export.c:376:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*r_data, src, datalen);
data/gnupg2-2.2.20/g10/export.c:819:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[16];
data/gnupg2-2.2.20/g10/export.c:870:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (iv, value, valuelen);
data/gnupg2-2.2.20/g10/export.c:888:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (s2k_salt, value, valuelen);
data/gnupg2-2.2.20/g10/export.c:986:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, value, valuelen);
data/gnupg2-2.2.20/g10/export.c:1171:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ski->s2k.salt, s2k_salt, sizeof s2k_salt);
data/gnupg2-2.2.20/g10/export.c:1174:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ski->iv, iv, ivlen);
data/gnupg2-2.2.20/g10/export.c:1478:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hashbuf[32];
data/gnupg2-2.2.20/g10/export.c:2147:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char nbuf[4];
data/gnupg2-2.2.20/g10/free-packet.c:161:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (d->data, s->data, s->len);
data/gnupg2-2.2.20/g10/free-packet.c:201:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (d, s, sizeof *d);
data/gnupg2-2.2.20/g10/free-packet.c:223:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->revkey,s->revkey,sizeof(struct revocation_key)*s->numrevkeys);
data/gnupg2-2.2.20/g10/free-packet.c:246:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (d->fpr, s->fpr, sizeof s->fpr);
data/gnupg2-2.2.20/g10/free-packet.c:259:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( d, s, sizeof *d );
data/gnupg2-2.2.20/g10/getkey.c:115:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr[MAX_FINGERPRINT_LEN];
data/gnupg2-2.2.20/g10/getkey.c:140:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/g10/getkey.c:365:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (r->name, uid, r->len);
data/gnupg2-2.2.20/g10/getkey.c:1248:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	      char fpr_string[MAX_FINGERPRINT_LEN * 2 + 1];
data/gnupg2-2.2.20/g10/getkey.c:1785:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
data/gnupg2-2.2.20/g10/getkey.c:2675:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (&pk->revkey[pk->numrevkeys++],
data/gnupg2-2.2.20/g10/getkey.c:3378:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy (&pk->revoked, &rinfo, sizeof (rinfo));
data/gnupg2-2.2.20/g10/getkey.c:3721:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*MAX_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/getkey.c:3723:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char flagbuf[20];
data/gnupg2-2.2.20/g10/getkey.c:3897:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char fpr[MAX_FINGERPRINT_LEN];
data/gnupg2-2.2.20/g10/getkey.c:3958:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                      memcpy (p, r->name, r->len);
data/gnupg2-2.2.20/g10/getkey.c:4060:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy (p, r->name, r->len);
data/gnupg2-2.2.20/g10/gpg.c:1170:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char num[20];
data/gnupg2-2.2.20/g10/gpg.c:1229:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (level) : 0;
data/gnupg2-2.2.20/g10/gpg.c:1285:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    opt.screen_columns=atoi(str);
data/gnupg2-2.2.20/g10/gpg.c:1289:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    opt.screen_lines=atoi(str);
data/gnupg2-2.2.20/g10/gpg.c:1336:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fd = open (fname, O_CREAT | O_TRUNC | O_WRONLY | binary,
data/gnupg2-2.2.20/g10/gpg.c:1339:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fd = open (fname, O_RDONLY | binary);
data/gnupg2-2.2.20/g10/gpg.c:1942:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  i=atoi(tok);
data/gnupg2-2.2.20/g10/gpg.c:2532:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	configfp = fopen( configname, "r" );
data/gnupg2-2.2.20/g10/gpg.c:4793:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	{   int mode = argc < 2 ? 0 : atoi(*argv);
data/gnupg2-2.2.20/g10/gpg.c:4797:51:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                           generate_public_prime( atoi(argv[1]) ), 1);
data/gnupg2-2.2.20/g10/gpg.c:4801:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					     0, atoi(argv[1]),
data/gnupg2-2.2.20/g10/gpg.c:4802:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					     atoi(argv[2]), NULL,NULL ), 1);
data/gnupg2-2.2.20/g10/gpg.c:4807:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					     1, atoi(argv[1]),
data/gnupg2-2.2.20/g10/gpg.c:4808:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					     atoi(argv[2]), NULL,&factors ), 1);
data/gnupg2-2.2.20/g10/gpg.c:4815:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
						 0, atoi(argv[1]),
data/gnupg2-2.2.20/g10/gpg.c:4816:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
						 atoi(argv[2]), g, NULL ), 1);
data/gnupg2-2.2.20/g10/gpg.c:4831:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    int level = argc ? atoi(*argv):0;
data/gnupg2-2.2.20/g10/gpg.c:4832:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    int count = argc > 1 ? atoi(argv[1]): 0;
data/gnupg2-2.2.20/g10/gpg.c:4980:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            change_pin (atoi (*argv),1);
data/gnupg2-2.2.20/g10/gpg.c:5307:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gnupg2-2.2.20/g10/gpg.c:5521:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (line, tmp, i);
data/gnupg2-2.2.20/g10/gpgcompose.c:208:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (c, a, i * sizeof (struct option));
data/gnupg2-2.2.20/g10/gpgcompose.c:209:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&c[i], b, j * sizeof (struct option));
data/gnupg2-2.2.20/g10/gpgcompose.c:552:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (uid->name, argv[0], l);
data/gnupg2-2.2.20/g10/gpgcompose.c:1276:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, p, prefix);
data/gnupg2-2.2.20/g10/gpgcompose.c:1578:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[4];
data/gnupg2-2.2.20/g10/gpgcompose.c:1673:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (&buf[1], si->reason_for_revocation, len - 1);
data/gnupg2-2.2.20/g10/gpgcompose.c:2235:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (sesdek.key, si.session_key, sesdek.keylen);
data/gnupg2-2.2.20/g10/gpgcompose.c:2450:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (session_key.key, pi.session_key, session_key.keylen);
data/gnupg2-2.2.20/g10/gpgcompose.c:2501:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (session_key.key, sk.key, sk.keylen);
data/gnupg2-2.2.20/g10/gpgsql.c:236:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*errmsg, e, l);
data/gnupg2-2.2.20/g10/gpgsql.c:247:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*errmsg, e, l);
data/gnupg2-2.2.20/g10/import.c:842:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[15*20];
data/gnupg2-2.2.20/g10/import.c:1232:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[MAX_FINGERPRINT_LEN*2+30], *p;
data/gnupg2-2.2.20/g10/import.c:1241:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (p, "%02X", *s);
data/gnupg2-2.2.20/g10/import.c:1291:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	      char num[10]; /* prefs->value is a byte, so we're over
data/gnupg2-2.2.20/g10/import.c:1294:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      sprintf(num,"%u",prefs->value);
data/gnupg2-2.2.20/g10/import.c:1357:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char username[(MAX_FINGERPRINT_LEN*2)+1];
data/gnupg2-2.2.20/g10/import.c:1362:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(username+2*i,"%02X",*p);
data/gnupg2-2.2.20/g10/import.c:1387:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char numbuf[20];
data/gnupg2-2.2.20/g10/import.c:1844:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/import.c:2544:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char countbuf[35];
data/gnupg2-2.2.20/g10/import.c:2934:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/import.c:3139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char reason_code_buf[20];
data/gnupg2-2.2.20/g10/import.c:3177:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*r_comment, reason_p, reason_n);
data/gnupg2-2.2.20/g10/key-check.c:584:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  char buffer[1024];
data/gnupg2-2.2.20/g10/key-check.c:691:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char prefix[100];
data/gnupg2-2.2.20/g10/keydb.c:445:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      FILE *fp = fopen (filename, "wb");
data/gnupg2-2.2.20/g10/keydb.c:500:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char verbuf[4];
data/gnupg2-2.2.20/g10/keydb.c:505:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (filename, "rb");
data/gnupg2-2.2.20/g10/keydb.c:538:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char b[MAX_FORMATTED_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/keydb.c:539:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fpr[2 * MAX_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/keydb.c:723:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy (filename+filenamelen-4, ".kbx");
data/gnupg2-2.2.20/g10/keydb.c:728:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy (filename+filenamelen-4, ".gpg");
data/gnupg2-2.2.20/g10/keydb.c:739:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy (filename+filenamelen-4, ".gpg");
data/gnupg2-2.2.20/g10/keydb.c:746:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy (filename+filenamelen-4, ".kbx");
data/gnupg2-2.2.20/g10/keydb.c:758:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy (filename+filenamelen-4, ".kbx");
data/gnupg2-2.2.20/g10/keydb.c:2025:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (hd->keyblock_cache.fpr, desc[0].u.fpr, 20);
data/gnupg2-2.2.20/g10/keydb.c:2112:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (desc.u.fpr, fpr, MAX_FINGERPRINT_LEN);
data/gnupg2-2.2.20/g10/keydb.h:126:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char userid[1];
data/gnupg2-2.2.20/g10/keyedit.c:418:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      *trust_depth = atoi (p);
data/gnupg2-2.2.20/g10/keyedit.c:444:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (*regexp, "<[^>]+[@.]");
data/gnupg2-2.2.20/g10/keyedit.c:465:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat (*regexp, ">$");
data/gnupg2-2.2.20/g10/keyedit.c:663:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  char buf[50];
data/gnupg2-2.2.20/g10/keyedit.c:1532:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  arg_number = atoi (answer);
data/gnupg2-2.2.20/g10/keyedit.c:1541:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	      arg_number = atoi (p);
data/gnupg2-2.2.20/g10/keyedit.c:3437:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keyedit.c:3678:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keyedit.c:3734:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keyedit.c:3783:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keyedit.c:4329:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  char buf[50];
data/gnupg2-2.2.20/g10/keyedit.c:5493:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char kid_str[17];
data/gnupg2-2.2.20/g10/keyedit.c:5503:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char fp[2*MAX_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/keygen.c:105:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char value[1];
data/gnupg2-2.2.20/g10/keygen.c:357:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dummy_string[20*4+1]; /* Enough for 20 items. */
data/gnupg2-2.2.20/g10/keygen.c:384:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat(dummy_string,"S9 ");
data/gnupg2-2.2.20/g10/keygen.c:386:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat(dummy_string,"S8 ");
data/gnupg2-2.2.20/g10/keygen.c:388:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat(dummy_string,"S7 ");
data/gnupg2-2.2.20/g10/keygen.c:389:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(dummy_string,"S2 "); /* 3DES */
data/gnupg2-2.2.20/g10/keygen.c:397:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H10 ");
data/gnupg2-2.2.20/g10/keygen.c:400:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H9 ");
data/gnupg2-2.2.20/g10/keygen.c:403:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H8 ");
data/gnupg2-2.2.20/g10/keygen.c:411:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H10 ");
data/gnupg2-2.2.20/g10/keygen.c:414:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H9 ");
data/gnupg2-2.2.20/g10/keygen.c:417:19:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                  strcat (dummy_string, "H8 ");
data/gnupg2-2.2.20/g10/keygen.c:421:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	      strcat (dummy_string, "H11 ");
data/gnupg2-2.2.20/g10/keygen.c:423:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat (dummy_string, "H2 "); /* SHA-1 */
data/gnupg2-2.2.20/g10/keygen.c:427:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(dummy_string,"Z2 ");
data/gnupg2-2.2.20/g10/keygen.c:433:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(dummy_string,"Z3 ");
data/gnupg2-2.2.20/g10/keygen.c:439:17:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                strcat(dummy_string,"Z1 ");
data/gnupg2-2.2.20/g10/keygen.c:446:15:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
              strcat(dummy_string,"Z0 ");
data/gnupg2-2.2.20/g10/keygen.c:577:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (sym_prefs,  sym,  (nsym_prefs=nsym));
data/gnupg2-2.2.20/g10/keygen.c:578:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (hash_prefs, hash, (nhash_prefs=nhash));
data/gnupg2-2.2.20/g10/keygen.c:579:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (zip_prefs,  zip,  (nzip_prefs=nzip));
data/gnupg2-2.2.20/g10/keygen.c:652:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (buf, s, n);
data/gnupg2-2.2.20/g10/keygen.c:696:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (buf, s, n);
data/gnupg2-2.2.20/g10/keygen.c:825:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buf+8, notation->name, n1 );
data/gnupg2-2.2.20/g10/keygen.c:827:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(buf+8+n1, notation->altvalue, n2 );
data/gnupg2-2.2.20/g10/keygen.c:829:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(buf+8+n1, notation->bdat, n2 );
data/gnupg2-2.2.20/g10/keygen.c:831:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(buf+8+n1, notation->value, n2 );
data/gnupg2-2.2.20/g10/keygen.c:849:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&buf[2], revkey->fpr, MAX_FINGERPRINT_LEN);
data/gnupg2-2.2.20/g10/keygen.c:1433:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nbitsstr[35];
data/gnupg2-2.2.20/g10/keygen.c:1491:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nbitsstr[35];
data/gnupg2-2.2.20/g10/keygen.c:1492:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char qbitsstr[35];
data/gnupg2-2.2.20/g10/keygen.c:1645:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nbitsstr[35];
data/gnupg2-2.2.20/g10/keygen.c:1982:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      algo = *answer? atoi (answer) : 1;
data/gnupg2-2.2.20/g10/keygen.c:2185:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              selection = atoi (answer);
data/gnupg2-2.2.20/g10/keygen.c:2362:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      nbits = *answer? atoi (answer): def;
data/gnupg2-2.2.20/g10/keygen.c:2475:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      idx = *answer? atoi (answer) : 1;
data/gnupg2-2.2.20/g10/keygen.c:2561:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    seconds = atoi (string+8);
data/gnupg2-2.2.20/g10/keygen.c:2568:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    seconds = atoi (string) * 86400L * mult;
data/gnupg2-2.2.20/g10/keygen.c:2585:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    seconds = atoi (string+8);
data/gnupg2-2.2.20/g10/keygen.c:2871:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(p, " (insecure!)" );
data/gnupg2-2.2.20/g10/keygen.c:3600:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    i = atoi( r->u.value );
data/gnupg2-2.2.20/g10/keygen.c:3705:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  revkey.algid=atoi(pn);
data/gnupg2-2.2.20/g10/keygen.c:3734:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&r->u.revkey,&revkey,sizeof(struct revocation_key));
data/gnupg2-2.2.20/g10/keygen.c:4233:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (r->u.value, "%u", nbits);
data/gnupg2-2.2.20/g10/keygen.c:4494:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf( r->u.value, "%d", info.key_attr[0].algo );
data/gnupg2-2.2.20/g10/keygen.c:4499:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (r->u.value, "sign");
data/gnupg2-2.2.20/g10/keygen.c:4505:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf( r->u.value, "%d", info.key_attr[1].algo );
data/gnupg2-2.2.20/g10/keygen.c:4510:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (r->u.value, "encrypt");
data/gnupg2-2.2.20/g10/keygen.c:4517:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf( r->u.value, "%u", info.key_attr[1].nbits);
data/gnupg2-2.2.20/g10/keygen.c:4534:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf( r->u.value, "%d", info.key_attr[2].algo );
data/gnupg2-2.2.20/g10/keygen.c:4558:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf( r->u.value, "%d", algo);
data/gnupg2-2.2.20/g10/keygen.c:4597:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                  sprintf( r->u.value, "%d", algo);
data/gnupg2-2.2.20/g10/keygen.c:4611:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                  sprintf( r->u.value, "%d", algo);
data/gnupg2-2.2.20/g10/keygen.c:4617:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                  sprintf( r->u.value, "%u", nbits);
data/gnupg2-2.2.20/g10/keygen.c:4623:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy( r->u.value, "sign" );
data/gnupg2-2.2.20/g10/keygen.c:4629:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf( r->u.value, "%d", subkey_algo);
data/gnupg2-2.2.20/g10/keygen.c:4634:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy( r->u.value, "encrypt" );
data/gnupg2-2.2.20/g10/keygen.c:4674:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf( r->u.value, "%d", algo );
data/gnupg2-2.2.20/g10/keygen.c:4703:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf( r->u.value, "%u", nbits);
data/gnupg2-2.2.20/g10/keygen.c:4800:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyid_buffer[2 * 8 + 1];
data/gnupg2-2.2.20/g10/keygen.c:4801:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name_buffer[50];
data/gnupg2-2.2.20/g10/keygen.c:5678:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyid[10];
data/gnupg2-2.2.20/g10/keyid.c:183:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy (pp[i], p, (nbits+7)/8);
data/gnupg2-2.2.20/g10/keyid.c:326:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[KEYID_STR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:403:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char keyid_str[KEYID_STR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:419:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[KEYID_STR_SIZE+1+KEYID_STR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:626:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (buffer, "????" "-??" "-??"); /* Mark this as invalid. */
data/gnupg2-2.2.20/g10/keyid.c:645:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:654:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:663:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:674:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:685:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keyid.c:696:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[10];
data/gnupg2-2.2.20/g10/keyid.c:723:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[20];
data/gnupg2-2.2.20/g10/keyid.c:734:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[20];
data/gnupg2-2.2.20/g10/keyid.c:744:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[20];
data/gnupg2-2.2.20/g10/keyid.c:753:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[20];
data/gnupg2-2.2.20/g10/keyid.c:781:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (array, dp, len );
data/gnupg2-2.2.20/g10/keyid.c:802:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[MAX_FINGERPRINT_LEN];
data/gnupg2-2.2.20/g10/keyid.c:971:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/g10/keylist.c:173:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keylist.c:204:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keylist.c:235:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keylist.c:295:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char status[40];
data/gnupg2-2.2.20/g10/keylist.c:870:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char buf[(MAX_FINGERPRINT_LEN * 2) + 90];
data/gnupg2-2.2.20/g10/keylist.c:879:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (buf + 2 * j, "%02X", *p);
data/gnupg2-2.2.20/g10/keylist.c:881:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf (buf + strlen (buf), " %lu %u %u %u %lu %lu %u",
data/gnupg2-2.2.20/g10/keylist.c:956:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char updatestr[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keylist.c:996:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        - atoi (uid_trust_string_fixed (ctrl, NULL, NULL)));
data/gnupg2-2.2.20/g10/keylist.c:1014:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char hashbuf[32];
data/gnupg2-2.2.20/g10/keylist.c:1036:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char updatestr[MK_DATESTR_SIZE];
data/gnupg2-2.2.20/g10/keylist.c:1257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*MAX_FINGERPRINT_LEN+1];
data/gnupg2-2.2.20/g10/keylist.c:1883:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const char *list[16] = {
data/gnupg2-2.2.20/g10/keylist.c:1911:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*MAX_FINGERPRINT_LEN+1];
data/gnupg2-2.2.20/g10/keylist.c:2010:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char fmtfpr[MAX_FORMATTED_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/keylist.c:2078:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/keyring.c:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];
data/gnupg2-2.2.20/g10/keyserver.c:298:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat(keyserver->uri,"://");
data/gnupg2-2.2.20/g10/keyserver.c:461:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dupe,p,plen);
data/gnupg2-2.2.20/g10/keyserver.c:631:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      work->type=atoi(tok);
data/gnupg2-2.2.20/g10/keyserver.c:636:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      work->size=atoi(tok);
data/gnupg2-2.2.20/g10/keyserver.c:641:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      if(atoi(tok)<=0)
data/gnupg2-2.2.20/g10/keyserver.c:644:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	work->createtime=atoi(tok);
data/gnupg2-2.2.20/g10/keyserver.c:649:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      if(atoi(tok)<=0)
data/gnupg2-2.2.20/g10/keyserver.c:653:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  work->expiretime=atoi(tok);
data/gnupg2-2.2.20/g10/keyserver.c:764:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  else if (atoi (answer) >= 1 && atoi (answer) <= numdesc)
data/gnupg2-2.2.20/g10/keyserver.c:764:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  else if (atoi (answer) >= 1 && atoi (answer) <= numdesc)
data/gnupg2-2.2.20/g10/keyserver.c:773:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	if (atoi (num) >= 1 && atoi (num) <= numdesc)
data/gnupg2-2.2.20/g10/keyserver.c:773:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	if (atoi (num) >= 1 && atoi (num) <= numdesc)
data/gnupg2-2.2.20/g10/keyserver.c:780:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            numarray[numidx++] = atoi (num);
data/gnupg2-2.2.20/g10/keyserver.c:1177:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(desc.u.fpr,fprint,fprint_len);
data/gnupg2-2.2.20/g10/keyserver.c:1634:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
              strcpy (pattern[npat], "0x");
data/gnupg2-2.2.20/g10/keyserver.c:2124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char srvname[MAXDNAME];
data/gnupg2-2.2.20/g10/keyserver.c:2152:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char port[7];
data/gnupg2-2.2.20/g10/keyserver.c:2171:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(keyserver->host,"keys.");
data/gnupg2-2.2.20/g10/main.h:378:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*MAX_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/mainproc.c:292:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dek->key, seskey + 1, dek->keylen);
data/gnupg2-2.2.20/g10/mainproc.c:405:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[50];
data/gnupg2-2.2.20/g10/mainproc.c:527:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[20];
data/gnupg2-2.2.20/g10/mainproc.c:1080:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (sig->digest, buffer, sig->digest_len);
data/gnupg2-2.2.20/g10/mainproc.c:1652:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (sig->pka_info->fpr, fpr, fprlen);
data/gnupg2-2.2.20/g10/mainproc.c:2100:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char keyid_str[50];
data/gnupg2-2.2.20/g10/mainproc.c:2298:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char pkhex[MAX_FINGERPRINT_LEN*2+1];
data/gnupg2-2.2.20/g10/mainproc.c:2299:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char mainpkhex[MAX_FINGERPRINT_LEN*2+1];
data/gnupg2-2.2.20/g10/mainproc.c:2349:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/migrate.c:102:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      FILE *fp = fopen (flagfile, "w");
data/gnupg2-2.2.20/g10/misc.c:873:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
data/gnupg2-2.2.20/g10/misc.c:882:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf(&ret[idx],"%08lX%08lX",
data/gnupg2-2.2.20/g10/misc.c:892:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
data/gnupg2-2.2.20/g10/misc.c:901:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf(&ret[idx],"%08lX%08lX",
data/gnupg2-2.2.20/g10/misc.c:928:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		  sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
data/gnupg2-2.2.20/g10/misc.c:974:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(&ret[idx],"%02X",array[i]);
data/gnupg2-2.2.20/g10/openfile.c:188:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char xname[64];
data/gnupg2-2.2.20/g10/packet.h:187:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20]; /* The fingerprint as stored in the PKA RR. */
data/gnupg2-2.2.20/g10/packet.h:188:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char email[1];/* The email address from the notation data. */
data/gnupg2-2.2.20/g10/packet.h:312:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/g10/packet.h:443:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[1];
data/gnupg2-2.2.20/g10/packet.h:529:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/g10/packet.h:535:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[1];
data/gnupg2-2.2.20/g10/parse-packet.c:646:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char value[4];
data/gnupg2-2.2.20/g10/parse-packet.c:928:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];
data/gnupg2-2.2.20/g10/parse-packet.c:1038:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/gnupg2-2.2.20/g10/parse-packet.c:1072:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tmpbuf, buffer, 1 + nbytes);
data/gnupg2-2.2.20/g10/parse-packet.c:1907:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (sig->revkey[sig->numrevkeys].fpr, &revkey[2], 20);
data/gnupg2-2.2.20/g10/parse-packet.c:2516:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy (ski->s2k.salt, temp, 8);
data/gnupg2-2.2.20/g10/parse-packet.c:2642:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (ski->iv, temp, ski->ivlen);
data/gnupg2-2.2.20/g10/parse-packet.c:2860:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (uid->name, "[bad attribute packet of size %lu]",
data/gnupg2-2.2.20/g10/parse-packet.c:2863:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (uid->name, "[%d attributes of size %lu]",
data/gnupg2-2.2.20/g10/parse-packet.c:2875:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (uid->name, "[%.20s image of size %lu]",
data/gnupg2-2.2.20/g10/parse-packet.c:2878:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (uid->name, "[invalid image]");
data/gnupg2-2.2.20/g10/parse-packet.c:2881:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (uid->name, "[unknown attribute of size %lu]",
data/gnupg2-2.2.20/g10/parse-packet.c:3019:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[4];
data/gnupg2-2.2.20/g10/passphrase.c:176:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[1];
data/gnupg2-2.2.20/g10/passphrase.c:193:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(pw, pw2, i );
data/gnupg2-2.2.20/g10/passphrase.c:313:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char s2k_cacheidbuf[1+16+1];
data/gnupg2-2.2.20/g10/passphrase.c:354:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[50];
data/gnupg2-2.2.20/g10/passphrase.c:385:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buf[32];
data/gnupg2-2.2.20/g10/passphrase.c:437:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (dek->s2k_cacheid, s2k_cacheid, sizeof dek->s2k_cacheid);
data/gnupg2-2.2.20/g10/passphrase.c:450:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[50];
data/gnupg2-2.2.20/g10/pkclist.c:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[40];
data/gnupg2-2.2.20/g10/pkclist.c:598:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fpr[MAX_FINGERPRINT_LEN];
data/gnupg2-2.2.20/g10/pkclist.c:952:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pkstrbuf[PUBKEY_STRING_SIZE];
data/gnupg2-2.2.20/g10/pkglue.c:154:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[64];
data/gnupg2-2.2.20/g10/plaintext.c:115:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char xname[64];
data/gnupg2-2.2.20/g10/plaintext.c:188:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen (fname, "wb");
data/gnupg2-2.2.20/g10/plaintext.c:252:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char status[50];
data/gnupg2-2.2.20/g10/plaintext.c:803:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (pt->name, s, pt->namelen);
data/gnupg2-2.2.20/g10/progress.c:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[60];
data/gnupg2-2.2.20/g10/pubkey-enc.c:367:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (dek->key, frame + n, dek->keylen);
data/gnupg2-2.2.20/g10/pubkey-enc.c:443:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char pkhex[MAX_FINGERPRINT_LEN*2+1];
data/gnupg2-2.2.20/g10/pubkey-enc.c:444:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mainpkhex[MAX_FINGERPRINT_LEN*2+1];
data/gnupg2-2.2.20/g10/pubkey-enc.c:483:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  dek->algo = atoi (string);
data/gnupg2-2.2.20/g10/revoke.c:63:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer+1, ud, strlen(ud) );
data/gnupg2-2.2.20/g10/revoke.c:815:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		n = atoi(answer);
data/gnupg2-2.2.20/g10/rmd160.c:62:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[64];
data/gnupg2-2.2.20/g10/rmd160.c:104:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (x, data, 64);
data/gnupg2-2.2.20/g10/rmd160.c:424:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (outbuf, hd.buf, 20);
data/gnupg2-2.2.20/g10/server.c:574:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/g10/seskey.c:113:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (frame+n, dek->key, dek->keylen);
data/gnupg2-2.2.20/g10/seskey.c:188:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (frame+n, p, i);
data/gnupg2-2.2.20/g10/seskey.c:193:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (frame+n, dek->key, dek->keylen );
data/gnupg2-2.2.20/g10/seskey.c:235:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( frame+n, asn, asnlen ); n += asnlen;
data/gnupg2-2.2.20/g10/seskey.c:236:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( frame+n, gcry_md_read (md, algo), len ); n += len;
data/gnupg2-2.2.20/g10/sig-check.c:244:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char hashbuf[20];
data/gnupg2-2.2.20/g10/sig-check.c:378:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[11];
data/gnupg2-2.2.20/g10/sign.c:201:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*MAX_FINGERPRINT_LEN + 1];
data/gnupg2-2.2.20/g10/sign.c:667:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100+MAX_FINGERPRINT_LEN*2];
data/gnupg2-2.2.20/g10/skclist.c:337:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fpr2[2 * MAX_FINGERPRINT_LEN + 3 ];
data/gnupg2-2.2.20/g10/t-rmd160.c:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char digest[20];
data/gnupg2-2.2.20/g10/t-stutter.c:73:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char formatted[2 * 16 + 1];
data/gnupg2-2.2.20/g10/t-stutter.c:74:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char text[16 + 1];
data/gnupg2-2.2.20/g10/t-stutter.c:123:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char bufs[100][7];
data/gnupg2-2.2.20/g10/t-stutter.c:129:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (bufs[i], "0x%02X%02X", bytes[0], bytes[1]);
data/gnupg2-2.2.20/g10/t-stutter.c:139:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char bufs[100][2];
data/gnupg2-2.2.20/g10/t-stutter.c:360:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (probe, &msg[2], blocksize);
data/gnupg2-2.2.20/g10/t-stutter.c:362:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (probe, block (msg, msg_len, b), blocksize);
data/gnupg2-2.2.20/g10/t-stutter.c:417:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen (filename, "r");
data/gnupg2-2.2.20/g10/tdbdump.c:128:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/gnupg2-2.2.20/g10/tdbdump.c:215:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (rec.r.trust.fingerprint, fpr, 20);
data/gnupg2-2.2.20/g10/tdbio.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[TRUST_RECORD_LEN];
data/gnupg2-2.2.20/g10/tdbio.c:273:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:292:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:306:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:343:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:363:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:411:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (r->data, data, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/tdbio.c:748:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen (fname, "wb");
data/gnupg2-2.2.20/g10/tdbio.c:754:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      db_fd = open (db_name, O_RDWR | MY_O_BINARY);
data/gnupg2-2.2.20/g10/tdbio.c:814:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  db_fd = open (db_name, O_RDWR | MY_O_BINARY );
data/gnupg2-2.2.20/g10/tdbio.c:822:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      db_fd = open (db_name, O_RDONLY | MY_O_BINARY );
data/gnupg2-2.2.20/g10/tdbio.c:1627:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (rec->r.trust.fingerprint, p, 20);
data/gnupg2-2.2.20/g10/tdbio.c:1637:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (rec->r.valid.namehash, p, 20);
data/gnupg2-2.2.20/g10/tdbio.c:1686:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p-1, GPGEXT_GPG, 3 ); p += 2;
data/gnupg2-2.2.20/g10/tdbio.c:1723:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, rec->r.trust.fingerprint, 20); p += 20;
data/gnupg2-2.2.20/g10/tdbio.c:1732:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, rec->r.valid.namehash, 20); p += 20;
data/gnupg2-2.2.20/g10/test.c:163:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat (result, "/g10/");
data/gnupg2-2.2.20/g10/tofu.c:521:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyid_str[16+1];
data/gnupg2-2.2.20/g10/tofu.c:561:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (&utks_string[o], keyid_str, 16);
data/gnupg2-2.2.20/g10/tofu.c:1221:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fingerprint[1];
data/gnupg2-2.2.20/g10/tofu.c:1373:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char a_keyid[33];
data/gnupg2-2.2.20/g10/tofu.c:1374:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char b_keyid[33];
data/gnupg2-2.2.20/g10/tofu.c:1631:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          other_policy = atoi (other_thing);
data/gnupg2-2.2.20/g10/tofu.c:2471:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fingerprint_raw[20];
data/gnupg2-2.2.20/g10/trustdb.c:949:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (vrec.r.valid.namehash, uid->namehash, 20);
data/gnupg2-2.2.20/g10/trustdb.c:1553:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(new,"<[^>]+[@.]");
data/gnupg2-2.2.20/g10/trustdb.c:1583:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(new,">$");
data/gnupg2-2.2.20/g10/verify.c:198:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char line[2048];
data/gnupg2-2.2.20/g13/be-encfs.c:78:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *args[3];
data/gnupg2-2.2.20/g13/be-encfs.c:224:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[10];
data/gnupg2-2.2.20/g13/call-syshelp.c:132:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[4];
data/gnupg2-2.2.20/g13/create.c:61:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char twobyte[2];
data/gnupg2-2.2.20/g13/create.c:131:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char packet[32];
data/gnupg2-2.2.20/g13/create.c:155:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (packet+6, "GnuPG/G13", 10); /* Packet subtype.  */
data/gnupg2-2.2.20/g13/create.c:186:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (packet+6, "GnuPG/PAD", 10); /* Packet subtype.  */
data/gnupg2-2.2.20/g13/g13-syshelp.c:179:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (debug_level) : 0;
data/gnupg2-2.2.20/g13/g13-syshelp.c:328:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/g13/g13-syshelp.c:613:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[512];
data/gnupg2-2.2.20/g13/g13-syshelp.h:34:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char blockdev[1];  /* String with the name of the block device.  If
data/gnupg2-2.2.20/g13/g13.c:279:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (debug_level) : 0;
data/gnupg2-2.2.20/g13/g13.c:457:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/g13/g13tuple.c:50:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[2];
data/gnupg2-2.2.20/g13/g13tuple.c:72:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[16];
data/gnupg2-2.2.20/g13/keyblob.c:93:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char packet[32];
data/gnupg2-2.2.20/g13/runner.c:316:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[1024];
data/gnupg2-2.2.20/g13/server.c:501:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/g13/sh-blockdev.c:49:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[3];
data/gnupg2-2.2.20/g13/sh-blockdev.c:77:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[6];
data/gnupg2-2.2.20/g13/sh-cmd.c:675:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:113:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[2];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:200:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (packet+6, "GnuPG/G13", 10); /* Packet subtype.  */
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:233:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexkey[16*2+1];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:237:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char twobyte[2];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:342:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[16];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:375:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (header_space, p, n);
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:403:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (header_space + header_space_used, p, n);
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:426:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (packet, "GnuPG/PAD", 10);
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:435:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:548:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexkey[16*2+1];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:679:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:701:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:770:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[2];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:783:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:799:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:868:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[3];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:889:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[5];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:927:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexkey[8+16*2+1]; /* 8 is used to prepend "key set ".  */
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:985:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (hexkey, "key set ");
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:990:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[4];
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:1013:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *argv[3];
data/gnupg2-2.2.20/kbx/kbxutil.c:216:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char helpbuf[9];
data/gnupg2-2.2.20/kbx/kbxutil.c:275:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen (fname, "rb");
data/gnupg2-2.2.20/kbx/keybox-blob.c:180:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   fpr[20];
data/gnupg2-2.2.20/kbx/keybox-blob.c:269:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (mb->buf + mb->len, buf, len);
data/gnupg2-2.2.20/kbx/keybox-blob.c:304:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp[2];
data/gnupg2-2.2.20/kbx/keybox-blob.c:313:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp[4];
data/gnupg2-2.2.20/kbx/keybox-blob.c:363:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (k->kid, kinfo->keyid, 8);
data/gnupg2-2.2.20/kbx/keybox-blob.c:385:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (blob->keys[n].fpr, kinfo->fpr, fprlen);
data/gnupg2-2.2.20/kbx/keybox-blob.c:695:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pp , p, n);
data/gnupg2-2.2.20/kbx/keybox-blob.c:923:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (blob->keys[0].fpr, sha1_digest, 20);
data/gnupg2-2.2.20/kbx/keybox-defs.h:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[1];
data/gnupg2-2.2.20/kbx/keybox-defs.h:102:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/kbx/keybox-defs.h:103:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char keyid[8];
data/gnupg2-2.2.20/kbx/keybox-defs.h:105:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/kbx/keybox-dump.c:72:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/kbx/keybox-dump.c:556:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen (*filename, "rb");
data/gnupg2-2.2.20/kbx/keybox-dump.c:668:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/kbx/keybox-dump.c:689:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char zerodigest[20];
data/gnupg2-2.2.20/kbx/keybox-dump.c:692:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fprbuf[3*20+1];
data/gnupg2-2.2.20/kbx/keybox-dump.c:714:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char digest[20];
data/gnupg2-2.2.20/kbx/keybox-dump.c:737:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dupitems[dupitems_count].digest, digest, 20);
data/gnupg2-2.2.20/kbx/keybox-file.c:153:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char image[32];
data/gnupg2-2.2.20/kbx/keybox-file.c:165:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (image+8, "KBXf", 4);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:265:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hashbuffer[768];
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:269:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *helpmpibuf[OPENPGP_MAX_NPKEY] = { NULL };
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:371:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (helpmpibuf[i]+1, keyparm[i].mpi, keyparm[i].len);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:393:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ki->fpr, gcry_md_read (md, 0), 16);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:404:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (ki->keyid, keyparm[0].mpi + keyparm[0].len - 8, 8);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:420:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (hashbuffer + 3, data_start, n);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:432:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (ki->fpr, gcry_md_read (md, 0), 20);
data/gnupg2-2.2.20/kbx/keybox-openpgp.c:436:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ki->keyid, ki->fpr+12, 8);
data/gnupg2-2.2.20/kbx/keybox-search-desc.h:72:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char fpr[24];
data/gnupg2-2.2.20/kbx/keybox-search-desc.h:74:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char grip[20];
data/gnupg2-2.2.20/kbx/keybox-search.c:568:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char array[20];
data/gnupg2-2.2.20/kbx/keybox-search.c:629:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[4];
data/gnupg2-2.2.20/kbx/keybox-search.c:640:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[8];
data/gnupg2-2.2.20/kbx/keybox-search.c:785:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  hd->fp = fopen (hd->kb->fname, "rb");
data/gnupg2-2.2.20/kbx/keybox-search.c:988:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (sn_array[n].sn, sn, snlen);
data/gnupg2-2.2.20/kbx/keybox-update.c:81:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      *r_fp = fopen (*r_tmpfname, "wb");
data/gnupg2-2.2.20/kbx/keybox-update.c:168:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];  /* (Must be at least 32 bytes) */
data/gnupg2-2.2.20/kbx/keybox-update.c:176:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (fname, "rb");
data/gnupg2-2.2.20/kbx/keybox-update.c:181:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      newfp = fopen (fname, "wb");
data/gnupg2-2.2.20/kbx/keybox-update.c:538:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (hd->kb->fname, "r+b");
data/gnupg2-2.2.20/kbx/keybox-update.c:547:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char tmp[4];
data/gnupg2-2.2.20/kbx/keybox-update.c:603:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (hd->kb->fname, "r+b");
data/gnupg2-2.2.20/kbx/keybox-update.c:657:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (fname, "rb");
data/gnupg2-2.2.20/scd/apdu.c:137:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char atr[33];
data/gnupg2-2.2.20/scd/apdu.c:286:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char atr[33];
data/gnupg2-2.2.20/scd/apdu.c:832:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char reader[250];
data/gnupg2-2.2.20/scd/apdu.c:903:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[256];
data/gnupg2-2.2.20/scd/apdu.c:1209:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char result[6];
data/gnupg2-2.2.20/scd/apdu.c:1284:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char result[6];      /* See the comment at pinpad_verify.  */
data/gnupg2-2.2.20/scd/apdu.c:1386:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char atr[33];
data/gnupg2-2.2.20/scd/apdu.c:1395:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (slotp->atr, atr, atrlen);
data/gnupg2-2.2.20/scd/apdu.c:1493:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char apdu[4];
data/gnupg2-2.2.20/scd/apdu.c:1495:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char result[2];
data/gnupg2-2.2.20/scd/apdu.c:1659:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (slotp->atr, msg->data, msg->datalen);
data/gnupg2-2.2.20/scd/apdu.c:1767:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer, msg->data, msg->datalen);
data/gnupg2-2.2.20/scd/apdu.c:1841:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (slotp->atr, msg->data, msg->datalen);
data/gnupg2-2.2.20/scd/apdu.c:2058:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          readerno = atoi (dl->portstr);
data/gnupg2-2.2.20/scd/apdu.c:2162:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  return open_rapdu_reader (portstr? atoi (portstr) : 0,
data/gnupg2-2.2.20/scd/apdu.c:2483:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buf, reader_table[slot].atr, reader_table[slot].atrlen);
data/gnupg2-2.2.20/scd/apdu.c:2670:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10];
data/gnupg2-2.2.20/scd/apdu.c:2675:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char short_apdu_buffer[5+256+1];
data/gnupg2-2.2.20/scd/apdu.c:2796:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (apdu+apdulen, data, lc);
data/gnupg2-2.2.20/scd/apdu.c:2831:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (apdu+apdulen, data, lc_chunk);
data/gnupg2-2.2.20/scd/apdu.c:2897:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*retbuf, result, resultlen);
data/gnupg2-2.2.20/scd/apdu.c:2917:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, result, resultlen);
data/gnupg2-2.2.20/scd/apdu.c:2977:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (p, result, resultlen);
data/gnupg2-2.2.20/scd/apdu.c:3088:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char short_result_buffer[SHORT_RESULT_BUFFER_SIZE+10];
data/gnupg2-2.2.20/scd/apdu.c:3093:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char short_apdu_buffer[5+256+10];
data/gnupg2-2.2.20/scd/apdu.c:3119:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (apdu, apdudata, apdudatalen);
data/gnupg2-2.2.20/scd/apdu.c:3187:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, result, resultlen);
data/gnupg2-2.2.20/scd/apdu.c:3245:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (p, result, resultlen);
data/gnupg2-2.2.20/scd/apdu.c:3276:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*retbuf, result, resultlen);
data/gnupg2-2.2.20/scd/app-dinsig.c:92:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ct_buf[100], id_buf[100];
data/gnupg2-2.2.20/scd/app-dinsig.c:93:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexkeygrip[41];
data/gnupg2-2.2.20/scd/app-dinsig.c:108:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (ct_buf, "%d", 101);
data/gnupg2-2.2.20/scd/app-dinsig.c:109:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (id_buf, "DINSIG.%04X", fid);
data/gnupg2-2.2.20/scd/app-dinsig.c:149:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (id_buf, "DINSIG.%04X", fid);
data/gnupg2-2.2.20/scd/app-dinsig.c:356:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char paddedpin[8];
data/gnupg2-2.2.20/scd/app-dinsig.c:396:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha1_prefix[15] = /* Object ID is 1.3.14.3.2.26 */
data/gnupg2-2.2.20/scd/app-dinsig.c:399:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
data/gnupg2-2.2.20/scd/app-dinsig.c:402:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha256_prefix[19] = /* OID is 2.16.840.1.101.3.4.2.1 */
data/gnupg2-2.2.20/scd/app-dinsig.c:408:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[19+32]; /* Must be large enough for a SHA-256 digest
data/gnupg2-2.2.20/scd/app-dinsig.c:444:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-dinsig.c:463:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-dinsig.c:469:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, sha1_prefix, len);
data/gnupg2-2.2.20/scd/app-dinsig.c:471:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, rmd160_prefix, len);
data/gnupg2-2.2.20/scd/app-dinsig.c:476:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (data, sha256_prefix, len);
data/gnupg2-2.2.20/scd/app-dinsig.c:480:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data+len, indata, indatalen);
data/gnupg2-2.2.20/scd/app-geldkarte.c:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char kblz[2+1+4+1];
data/gnupg2-2.2.20/scd/app-geldkarte.c:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expires[7+1];
data/gnupg2-2.2.20/scd/app-geldkarte.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char validfrom[10+1];
data/gnupg2-2.2.20/scd/app-geldkarte.c:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char currency[3+1];
data/gnupg2-2.2.20/scd/app-geldkarte.c:98:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[100];
data/gnupg2-2.2.20/scd/app-geldkarte.c:327:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (app->serialno, result, 10);
data/gnupg2-2.2.20/scd/app-help.c:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char array[20];
data/gnupg2-2.2.20/scd/app-nks.c:147:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/scd/app-nks.c:148:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *buffer[2];
data/gnupg2-2.2.20/scd/app-nks.c:217:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (newbuf+1, buffer[i]+offset[i], buflen[i] - offset[i]);
data/gnupg2-2.2.20/scd/app-nks.c:264:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command[4];
data/gnupg2-2.2.20/scd/app-nks.c:319:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[100];
data/gnupg2-2.2.20/scd/app-nks.c:401:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ct_buf[100], id_buf[100];
data/gnupg2-2.2.20/scd/app-nks.c:444:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char gripstr[40+1];
data/gnupg2-2.2.20/scd/app-nks.c:652:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *buffer[2];
data/gnupg2-2.2.20/scd/app-nks.c:887:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha1_prefix[15] = /* Object ID is 1.3.14.3.2.26 */
data/gnupg2-2.2.20/scd/app-nks.c:890:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
data/gnupg2-2.2.20/scd/app-nks.c:897:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[83];   /* Must be large enough for a SHA-1 digest
data/gnupg2-2.2.20/scd/app-nks.c:955:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-nks.c:968:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-nks.c:974:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, sha1_prefix, 15);
data/gnupg2-2.2.20/scd/app-nks.c:976:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, rmd160_prefix, 15);
data/gnupg2-2.2.20/scd/app-nks.c:979:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data+15, indata, indatalen);
data/gnupg2-2.2.20/scd/app-nks.c:989:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char mse[6];
data/gnupg2-2.2.20/scd/app-nks.c:1065:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char mse[6];
data/gnupg2-2.2.20/scd/app-nks.c:1283:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, oldpin, oldpinlen);
data/gnupg2-2.2.20/scd/app-nks.c:1284:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data+oldpinlen, newpin, newpinlen);
data/gnupg2-2.2.20/scd/app-openpgp.c:158:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[1];
data/gnupg2-2.2.20/scd/app-openpgp.c:330:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy (p, c->data, c->length);
data/gnupg2-2.2.20/scd/app-openpgp.c:379:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (c->data, p, len);
data/gnupg2-2.2.20/scd/app-openpgp.c:767:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const unsigned char *m[MAX_ARGS_STORE_FPR];
data/gnupg2-2.2.20/scd/app-openpgp.c:812:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, m[i], mlen[i]);
data/gnupg2-2.2.20/scd/app-openpgp.c:831:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char buf[4];
data/gnupg2-2.2.20/scd/app-openpgp.c:853:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[41];
data/gnupg2-2.2.20/scd/app-openpgp.c:854:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[25];
data/gnupg2-2.2.20/scd/app-openpgp.c:864:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (numbuf, "%d", number);
data/gnupg2-2.2.20/scd/app-openpgp.c:874:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf1[50], numbuf2[50];
data/gnupg2-2.2.20/scd/app-openpgp.c:880:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numbuf1, "%d", number);
data/gnupg2-2.2.20/scd/app-openpgp.c:881:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numbuf2, "%lu", value);
data/gnupg2-2.2.20/scd/app-openpgp.c:920:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[200];
data/gnupg2-2.2.20/scd/app-openpgp.c:1023:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[110];
data/gnupg2-2.2.20/scd/app-openpgp.c:1092:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char numbuf[7*23];
data/gnupg2-2.2.20/scd/app-openpgp.c:1095:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (numbuf+strlen (numbuf), " %d", value[i]);
data/gnupg2-2.2.20/scd/app-openpgp.c:1101:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char numbuf[50];
data/gnupg2-2.2.20/scd/app-openpgp.c:1103:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (numbuf, "%lu", convert_sig_counter_value (value, valuelen));
data/gnupg2-2.2.20/scd/app-openpgp.c:1167:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (string, value, valuelen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1296:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[6] = { NULL, NULL, NULL, NULL, NULL, NULL };
data/gnupg2-2.2.20/scd/app-openpgp.c:1341:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      if ( nfields < 4 || (i = atoi (fields[1])) < 0 || i > 1
data/gnupg2-2.2.20/scd/app-openpgp.c:1417:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fprbuf[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:1437:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (mbuf+1, m, mlen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1441:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (mbuf, m, mlen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1453:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (ebuf+1, e, elen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1457:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (ebuf, e, elen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1537:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (qbuf+1, ecc_q, ecc_q_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:1541:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (qbuf, ecc_q, ecc_q_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:1565:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fprbuf[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:1726:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char fpr[41];
data/gnupg2-2.2.20/scd/app-openpgp.c:1813:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:1814:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gripstr[41];
data/gnupg2-2.2.20/scd/app-openpgp.c:1815:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char idbuf[50];
data/gnupg2-2.2.20/scd/app-openpgp.c:1842:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (idbuf, "OPENPGP.%d", keyno+1);
data/gnupg2-2.2.20/scd/app-openpgp.c:1957:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*pk, buf, *pklen);
data/gnupg2-2.2.20/scd/app-openpgp.c:1997:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*cert, buffer, buflen);
data/gnupg2-2.2.20/scd/app-openpgp.c:2130:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char dek[32];
data/gnupg2-2.2.20/scd/app-openpgp.c:2155:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (pinvalue, dek, *r_pinlen);
data/gnupg2-2.2.20/scd/app-openpgp.c:2643:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    chvno = atoi (chvnostr);
data/gnupg2-2.2.20/scd/app-openpgp.c:3035:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char privkey[7*(1+3+3)];
data/gnupg2-2.2.20/scd/app-openpgp.c:3037:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char exthdr[2+2+3];
data/gnupg2-2.2.20/scd/app-openpgp.c:3039:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char suffix[2+3];
data/gnupg2-2.2.20/scd/app-openpgp.c:3120:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, exthdr, exthdr_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3122:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, privkey, privkey_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3124:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, suffix, suffix_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3127:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, rsa_e, rsa_e_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3136:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, rsa_p, rsa_p_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3139:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, rsa_q, rsa_q_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3145:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_u, rsa_u_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3147:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_dp, rsa_dp_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3149:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_dq, rsa_dq_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3156:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_n, rsa_n_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3175:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char privkey[2+2];
data/gnupg2-2.2.20/scd/app-openpgp.c:3177:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char exthdr[2+2+1];
data/gnupg2-2.2.20/scd/app-openpgp.c:3179:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char suffix[2+1];
data/gnupg2-2.2.20/scd/app-openpgp.c:3234:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, exthdr, exthdr_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3236:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, privkey, privkey_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3238:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, suffix, suffix_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3241:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tp, ecc_d, ecc_d_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3246:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, ecc_q, ecc_q_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3359:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (string, value, valuelen);
data/gnupg2-2.2.20/scd/app-openpgp.c:3414:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (string+1, oidbuf+1, oid_len-1);
data/gnupg2-2.2.20/scd/app-openpgp.c:3446:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fprbuf[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:3690:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_e, rsa_e_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3701:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_p, rsa_p_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3706:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (tp, rsa_q, rsa_q_len);
data/gnupg2-2.2.20/scd/app-openpgp.c:3760:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fprbuf[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:3794:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (curve_name, tok, toklen);
data/gnupg2-2.2.20/scd/app-openpgp.c:3936:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (keyattr+1, oidbuf+1, oid_len-1);
data/gnupg2-2.2.20/scd/app-openpgp.c:4096:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[30];
data/gnupg2-2.2.20/scd/app-openpgp.c:4101:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int keyno = atoi (keynostr) - 1;
data/gnupg2-2.2.20/scd/app-openpgp.c:4183:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numbuf, "%u", created_at);
data/gnupg2-2.2.20/scd/app-openpgp.c:4269:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:4307:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
data/gnupg2-2.2.20/scd/app-openpgp.c:4310:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha1_prefix[15] =   /* (1.3.14.3.2.26) */
data/gnupg2-2.2.20/scd/app-openpgp.c:4313:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha224_prefix[19] = /* (2.16.840.1.101.3.4.2.4) */
data/gnupg2-2.2.20/scd/app-openpgp.c:4317:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha256_prefix[19] = /* (2.16.840.1.101.3.4.2.1) */
data/gnupg2-2.2.20/scd/app-openpgp.c:4321:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha384_prefix[19] = /* (2.16.840.1.101.3.4.2.2) */
data/gnupg2-2.2.20/scd/app-openpgp.c:4325:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha512_prefix[19] = /* (2.16.840.1.101.3.4.2.3) */
data/gnupg2-2.2.20/scd/app-openpgp.c:4330:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[19+64];
data/gnupg2-2.2.20/scd/app-openpgp.c:4332:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp_sn[20]; /* Actually 16 bytes but also for the fpr. */
data/gnupg2-2.2.20/scd/app-openpgp.c:4420:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, b ## _prefix, sizeof b ## _prefix);       \
data/gnupg2-2.2.20/scd/app-openpgp.c:4421:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data + sizeof b ## _prefix, indata, indatalen); \
data/gnupg2-2.2.20/scd/app-openpgp.c:4439:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-openpgp.c:4528:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp_sn[20]; /* Actually 16 but we use it also for the fpr. */
data/gnupg2-2.2.20/scd/app-openpgp.c:4627:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp_sn[20]; /* actually 16 but we use it also for the fpr. */
data/gnupg2-2.2.20/scd/app-openpgp.c:4680:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      && ((char *)indata)[0] == 0x02)
data/gnupg2-2.2.20/scd/app-openpgp.c:4727:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (fixbuf+fixuplen, indata, indatalen);
data/gnupg2-2.2.20/scd/app-openpgp.c:4801:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (fixbuf+fixuplen + 32 - old_format_len,
data/gnupg2-2.2.20/scd/app-openpgp.c:4806:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (fixbuf+fixuplen, indata, indatalen);
data/gnupg2-2.2.20/scd/app-openpgp.c:4854:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (fixbuf+1, *outdata, *outdatalen);
data/gnupg2-2.2.20/scd/app-openpgp.c:4888:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tmp_sn[20];
data/gnupg2-2.2.20/scd/app-openpgp.c:5067:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (oidbuf+1, buf, buflen);
data/gnupg2-2.2.20/scd/app-openpgp.c:5095:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char desc[3][5] = {"sign", "encr", "auth"};
data/gnupg2-2.2.20/scd/app-p15.c:486:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmpbuf[10];
data/gnupg2-2.2.20/scd/app-p15.c:499:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (tmpbuf, "P15.");
data/gnupg2-2.2.20/scd/app-p15.c:1142:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (prkdf->objid, objid, objidlen);
data/gnupg2-2.2.20/scd/app-p15.c:1154:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (prkdf->authid, authid, authidlen);
data/gnupg2-2.2.20/scd/app-p15.c:1428:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (cdf->objid, objid, objidlen);
data/gnupg2-2.2.20/scd/app-p15.c:1662:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (aodf->authid, ppp, objlen);
data/gnupg2-2.2.20/scd/app-p15.c:1697:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (aodf->objid, ppp, objlen);
data/gnupg2-2.2.20/scd/app-p15.c:2096:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char numbuf[50];
data/gnupg2-2.2.20/scd/app-p15.c:2105:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (numbuf, "%lu", (unsigned long)aodf->pintype);
data/gnupg2-2.2.20/scd/app-p15.c:2275:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (app->app_local->serialno, p, objlen);
data/gnupg2-2.2.20/scd/app-p15.c:2453:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char gripstr[40+1];
data/gnupg2-2.2.20/scd/app-p15.c:2544:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*r_cert, cdf->image, cdf->imagelen);
data/gnupg2-2.2.20/scd/app-p15.c:2628:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (cdf->image, *r_cert, *r_certlen);
data/gnupg2-2.2.20/scd/app-p15.c:2726:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char tmp[12+2+1];
data/gnupg2-2.2.20/scd/app-p15.c:2727:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (tmp, p, 3);
data/gnupg2-2.2.20/scd/app-p15.c:2729:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (tmp+4, p+3, 7);
data/gnupg2-2.2.20/scd/app-p15.c:2731:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (tmp+12, p+10, 2);
data/gnupg2-2.2.20/scd/app-p15.c:2758:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msebuf[10];
data/gnupg2-2.2.20/scd/app-p15.c:2854:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha1_prefix[15] = /* Object ID is 1.3.14.3.2.26 */
data/gnupg2-2.2.20/scd/app-p15.c:2857:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
data/gnupg2-2.2.20/scd/app-p15.c:2863:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[36];   /* Must be large enough for a SHA-1 digest
data/gnupg2-2.2.20/scd/app-p15.c:2940:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char mse[5];
data/gnupg2-2.2.20/scd/app-p15.c:3122:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-p15.c:3136:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data, indata, indatalen);
data/gnupg2-2.2.20/scd/app-p15.c:3142:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, sha1_prefix, 15);
data/gnupg2-2.2.20/scd/app-p15.c:3144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (data, rmd160_prefix, 15);
data/gnupg2-2.2.20/scd/app-p15.c:3147:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (data+15, indata, indatalen);
data/gnupg2-2.2.20/scd/app-p15.c:3167:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char mse[3];
data/gnupg2-2.2.20/scd/app-p15.c:3398:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (p, "\xff\x01", 3);
data/gnupg2-2.2.20/scd/app-p15.c:3399:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (p+3, app->serialno, app->serialnolen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:244:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char cdata[4];
data/gnupg2-2.2.20/scd/app-sc-hsm.c:769:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (prkdf->objid, objid, objidlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:856:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (cdf->objid, prkdf->objid, objidlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1086:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (cdf->objid, objid, objidlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1240:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (app->serialno, chr, chrlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1374:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char gripstr[40+1];
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1452:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (*r_cert, cdf->image, cdf->imagelen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1528:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (cdf->image, *r_cert, *r_certlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1626:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (buff, prefix, prefixlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1628:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buff, dig, diglen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1678:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (hash, pp, objlen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1779:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1782:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha1_prefix[15] =   /* (1.3.14.3.2.26) */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1785:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha224_prefix[19] = /* (2.16.840.1.101.3.4.2.4) */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1789:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha256_prefix[19] = /* (2.16.840.1.101.3.4.2.1) */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1793:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha384_prefix[19] = /* (2.16.840.1.101.3.4.2.2) */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1797:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char sha512_prefix[19] = /* (2.16.840.1.101.3.4.2.3) */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1803:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char cdsblk[256]; /* Raw PKCS#1 V1.5 block with padding
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1877:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (cdsblk, indata, indatalen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1961:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, src, srclen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1980:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char p1blk[256]; /* Enciphered P1 block */
data/gnupg2-2.2.20/scd/app-sc-hsm.c:2012:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (p1blk, (unsigned char *)indata + (indatalen - p1blklen), p1blklen);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:2014:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (p1blk + (p1blklen - indatalen), indata, indatalen);
data/gnupg2-2.2.20/scd/app.c:41:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[100];
data/gnupg2-2.2.20/scd/app.c:528:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, "\xff\0", 3);
data/gnupg2-2.2.20/scd/app.c:529:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p+3, app->serialno, app->serialnolen);
data/gnupg2-2.2.20/scd/app.c:539:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, "\xff\x7f", 3);
data/gnupg2-2.2.20/scd/app.c:975:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char templ[50];
data/gnupg2-2.2.20/scd/app.c:980:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (fname, "w");
data/gnupg2-2.2.20/scd/app.c:997:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *args[9], *envs[2];
data/gnupg2-2.2.20/scd/app.c:998:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf1[30], numbuf2[30], numbuf3[30];
data/gnupg2-2.2.20/scd/app.c:1003:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (numbuf1, "%d", slot);
data/gnupg2-2.2.20/scd/app.c:1004:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (numbuf2, "0x%04X", old_status);
data/gnupg2-2.2.20/scd/app.c:1005:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (numbuf3, "0x%04X", cur_status);
data/gnupg2-2.2.20/scd/app.c:1118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[65];
data/gnupg2-2.2.20/scd/ccid-driver.c:218:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define CCID_ERROR_CODE(buf)     (((unsigned char *)(buf))[8])
data/gnupg2-2.2.20/scd/ccid-driver.c:261:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char intr_buf[64];
data/gnupg2-2.2.20/scd/ccid-driver.c:338:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:369:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (buffer, "Parameter error at offset %d", ec);
data/gnupg2-2.2.20/scd/ccid-driver.c:371:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (buffer, "Error code %02X", ec);
data/gnupg2-2.2.20/scd/ccid-driver.c:941:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[280];
data/gnupg2-2.2.20/scd/ccid-driver.c:1010:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (result+n, "%%%02X", *s);
data/gnupg2-2.2.20/scd/ccid-driver.c:1030:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char prefix[20];
data/gnupg2-2.2.20/scd/ccid-driver.c:1032:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (prefix, "%04X:%04X:", (vendor & 0xffff), (product & 0xffff));
data/gnupg2-2.2.20/scd/ccid-driver.c:1040:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat (rid, "X:0");
data/gnupg2-2.2.20/scd/ccid-driver.c:1364:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy (ifcdesc_extra, ifcdesc->extra, ifcdesc->extra_length);
data/gnupg2-2.2.20/scd/ccid-driver.c:1741:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:2098:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dummybuf[8];
data/gnupg2-2.2.20/scd/ccid-driver.c:2099:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:2216:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:2232:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (msg+10, data, datalen);
data/gnupg2-2.2.20/scd/ccid-driver.c:2253:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (result, msg, msglen);
data/gnupg2-2.2.20/scd/ccid-driver.c:2283:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[10];
data/gnupg2-2.2.20/scd/ccid-driver.c:2335:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:2555:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[100];
data/gnupg2-2.2.20/scd/ccid-driver.c:2563:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char param[7] = { /* For Protocol T=1 */
data/gnupg2-2.2.20/scd/ccid-driver.c:2633:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (atr, msg+10, n);
data/gnupg2-2.2.20/scd/ccid-driver.c:2714:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (&msg[10], param, 7);
data/gnupg2-2.2.20/scd/ccid-driver.c:2847:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char msg[CCID_MAX_BUF];
data/gnupg2-2.2.20/scd/ccid-driver.c:2874:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg+10, apdu_p, apdu_part_len);
data/gnupg2-2.2.20/scd/ccid-driver.c:2901:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (resp + apdu_len, msg+10, apdu_part_len);
data/gnupg2-2.2.20/scd/ccid-driver.c:3004:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char send_buffer[11+259], recv_buffer[11+259];
data/gnupg2-2.2.20/scd/ccid-driver.c:3080:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (tpdu+3, apdu, apdulen);
data/gnupg2-2.2.20/scd/ccid-driver.c:3200:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (resp, p, n);
data/gnupg2-2.2.20/scd/ccid-driver.c:3360:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char send_buffer[10+259], recv_buffer[10+259];
data/gnupg2-2.2.20/scd/ccid-driver.c:3597:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (resp, tpdu, tpdulen);
data/gnupg2-2.2.20/scd/ccid-driver.c:3648:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (resp, p, n);
data/gnupg2-2.2.20/scd/ccid-driver.c:3697:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[50];
data/gnupg2-2.2.20/scd/ccid-driver.c:3714:14:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    default: sprintf (buf, "0x%05x", err); p = buf; break;
data/gnupg2-2.2.20/scd/ccid-driver.c:3753:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char result[512];
data/gnupg2-2.2.20/scd/command.c:187:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : -1;
data/gnupg2-2.2.20/scd/command.c:634:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen);
data/gnupg2-2.2.20/scd/command.c:1421:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/scd/command.c:1437:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[20];
data/gnupg2-2.2.20/scd/command.c:1604:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char hexbuf[400];
data/gnupg2-2.2.20/scd/command.c:1857:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[950], *p;
data/gnupg2-2.2.20/scd/command.c:1881:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf (p, "%%%02X", *value);
data/gnupg2-2.2.20/scd/iso7816.c:146:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tagbuf[2];
data/gnupg2-2.2.20/scd/iso7816.c:164:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[100];
data/gnupg2-2.2.20/scd/iso7816.c:329:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (buf, oldchv, oldchvlen);
data/gnupg2-2.2.20/scd/iso7816.c:330:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buf+oldchvlen, newchv, newchvlen);
data/gnupg2-2.2.20/scd/iso7816.c:526:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (buf+1, data, datalen);
data/gnupg2-2.2.20/scd/iso7816.c:710:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (buffer, result, resultlen);
data/gnupg2-2.2.20/scd/iso7816.c:790:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (*result + *resultlen, buffer, bufferlen);
data/gnupg2-2.2.20/scd/scdaemon.c:331:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (rvalue, &thread, len);
data/gnupg2-2.2.20/scd/scdaemon.c:345:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (level) : 0;
data/gnupg2-2.2.20/scd/scdaemon.c:536:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/scd/scdaemon.c:931:27:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                       && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
data/gnupg2-2.2.20/scd/scdaemon.c:1406:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buf[256];
data/gnupg2-2.2.20/scd/scdaemon.c:1430:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char threadname[50];
data/gnupg2-2.2.20/sm/call-agent.c:268:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:301:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (line, "SETHASH %d ", digestalgo);
data/gnupg2-2.2.20/sm/call-agent.c:304:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (p, "%02X", digest[i]);
data/gnupg2-2.2.20/sm/call-agent.c:338:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:371:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (p, "%02X", digest[i]);
data/gnupg2-2.2.20/sm/call-agent.c:401:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (p, "%u:", (unsigned int)sigbuflen);
data/gnupg2-2.2.20/sm/call-agent.c:403:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, sigbuf, sigbuflen);
data/gnupg2-2.2.20/sm/call-agent.c:405:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (p, ")))");
data/gnupg2-2.2.20/sm/call-agent.c:447:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:628:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:682:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, line, s-line);
data/gnupg2-2.2.20/sm/call-agent.c:859:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:902:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:945:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1089:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1125:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1177:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy (*serialno, s, s2 - s);
data/gnupg2-2.2.20/sm/call-agent.c:1193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1234:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1285:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-agent.c:1376:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-dirmngr.c:67:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/sm/call-dirmngr.c:129:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (mb->buf + mb->len, buf, len);
data/gnupg2-2.2.20/sm/call-dirmngr.c:221:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-dirmngr.c:372:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char fpr[41];
data/gnupg2-2.2.20/sm/call-dirmngr.c:504:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-dirmngr.c:769:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-dirmngr.c:852:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[ASSUAN_LINELENGTH];
data/gnupg2-2.2.20/sm/call-dirmngr.c:853:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hexfpr[2*20+1];
data/gnupg2-2.2.20/sm/call-dirmngr.c:957:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char fpr[41];
data/gnupg2-2.2.20/sm/call-dirmngr.c:1055:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf (p, "%%%02X", *(const unsigned char *)s);
data/gnupg2-2.2.20/sm/certchain.c:45:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/sm/certchain.c:71:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/sm/certchain.c:87:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 unsigned char fpr[20];
data/gnupg2-2.2.20/sm/certchain.c:97:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy (r->fpr, fpr, 20);
data/gnupg2-2.2.20/sm/certchain.c:339:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (opt.policy_file, "r");
data/gnupg2-2.2.20/sm/certchain.c:362:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *p, line[256];
data/gnupg2-2.2.20/sm/certchain.c:549:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fpr[20];
data/gnupg2-2.2.20/sm/certchain.c:1541:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char buf[1];
data/gnupg2-2.2.20/sm/certchain.c:1782:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char numbuf[50];
data/gnupg2-2.2.20/sm/certchain.c:1783:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf (numbuf, "%d", rc);
data/gnupg2-2.2.20/sm/certchain.c:1896:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[1];
data/gnupg2-2.2.20/sm/certchain.c:2140:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char country[3];
data/gnupg2-2.2.20/sm/certchain.c:2142:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[2];
data/gnupg2-2.2.20/sm/certcheck.c:119:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (frame, gcry_md_read (md, algo), nframe);
data/gnupg2-2.2.20/sm/certcheck.c:128:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char asn[100];
data/gnupg2-2.2.20/sm/certcheck.c:168:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy ( frame+n, asn, asnlen ); n += asnlen;
data/gnupg2-2.2.20/sm/certcheck.c:169:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy ( frame+n, gcry_md_read(md, algo), len ); n += len;
data/gnupg2-2.2.20/sm/certdump.c:130:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (buffer+i, "%02X", *(unsigned char *)p);
data/gnupg2-2.2.20/sm/certdump.c:332:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, string, n);
data/gnupg2-2.2.20/sm/certdump.c:698:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p + c->len, buffer, size);
data/gnupg2-2.2.20/sm/certdump.c:787:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf (p, "%%%02X", *(const unsigned char*)s);
data/gnupg2-2.2.20/sm/certdump.c:809:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char created[20];
data/gnupg2-2.2.20/sm/certdump.c:810:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expires[20];
data/gnupg2-2.2.20/sm/certdump.c:825:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (created, "%.4s-%.2s-%.2s", t, t+4, t+6);
data/gnupg2-2.2.20/sm/certdump.c:830:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (expires, "%.4s-%.2s-%.2s", t, t+4, t+6);
data/gnupg2-2.2.20/sm/certreqgen-ui.c:167:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      selection = *answer? atoi (answer): 1;
data/gnupg2-2.2.20/sm/certreqgen-ui.c:182:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          nbits = *answer? atoi (answer): defbits;
data/gnupg2-2.2.20/sm/certreqgen-ui.c:294:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          selection = atoi (answer);
data/gnupg2-2.2.20/sm/certreqgen-ui.c:328:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      selection = *answer? atoi (answer): 1;
data/gnupg2-2.2.20/sm/certreqgen-ui.c:364:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                          atoi (_("22 translator: see "
data/gnupg2-2.2.20/sm/certreqgen-ui.c:399:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char numbuf[30];
data/gnupg2-2.2.20/sm/certreqgen.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[1];
data/gnupg2-2.2.20/sm/certreqgen.c:168:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi( r->u.value );
data/gnupg2-2.2.20/sm/certreqgen.c:257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[1024], *p;
data/gnupg2-2.2.20/sm/certreqgen.c:437:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[20];
data/gnupg2-2.2.20/sm/certreqgen.c:438:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char keyparms[100];
data/gnupg2-2.2.20/sm/certreqgen.c:721:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (numbuf, "%u", nbits);
data/gnupg2-2.2.20/sm/certreqgen.c:801:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[30];
data/gnupg2-2.2.20/sm/certreqgen.c:927:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char der[4];
data/gnupg2-2.2.20/sm/certreqgen.c:983:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char snbuf[3+8+1];
data/gnupg2-2.2.20/sm/certreqgen.c:985:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (snbuf, "(8:", 3);
data/gnupg2-2.2.20/sm/certreqgen.c:1025:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, hexbuf, len);
data/gnupg2-2.2.20/sm/certreqgen.c:1230:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (oidstr, string, (s-string));
data/gnupg2-2.2.20/sm/certreqgen.c:1284:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          unsigned char grip[20];
data/gnupg2-2.2.20/sm/certreqgen.c:1285:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char hexgrip[41];
data/gnupg2-2.2.20/sm/decrypt.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[16];
data/gnupg2-2.2.20/sm/decrypt.c:46:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char lastblock[16];  /* to strip the padding we have to
data/gnupg2-2.2.20/sm/decrypt.c:48:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char helpblock[16];  /* needed because there is no block buffering in
data/gnupg2-2.2.20/sm/decrypt.c:192:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (outbuf, parm->lastblock, blklen);
data/gnupg2-2.2.20/sm/decrypt.c:212:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (parm->helpblock, (const char*)inbuf+inlen, parm->helpblocklen);
data/gnupg2-2.2.20/sm/decrypt.c:223:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (outbuf, parm->lastblock, blklen);
data/gnupg2-2.2.20/sm/decrypt.c:224:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (parm->lastblock,(char*)outbuf+inlen, blklen);
data/gnupg2-2.2.20/sm/decrypt.c:230:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (parm->lastblock, (char*)outbuf+inlen-blklen, blklen);
data/gnupg2-2.2.20/sm/decrypt.c:346:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char numbuf[50];
data/gnupg2-2.2.20/sm/decrypt.c:347:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf (numbuf, "%d", rc);
data/gnupg2-2.2.20/sm/decrypt.c:399:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char kidbuf[16+1];
data/gnupg2-2.2.20/sm/decrypt.c:469:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      char numbuf[50];
data/gnupg2-2.2.20/sm/decrypt.c:470:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                      sprintf (numbuf, "%d", rc);
data/gnupg2-2.2.20/sm/decrypt.c:488:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char  kidstr[10+1];
data/gnupg2-2.2.20/sm/delete.c:80:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fpr[20];
data/gnupg2-2.2.20/sm/delete.c:91:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          unsigned char fpr2[20];
data/gnupg2-2.2.20/sm/encrypt.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[32];
data/gnupg2-2.2.20/sm/encrypt.c:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[32];
data/gnupg2-2.2.20/sm/encrypt.c:158:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy (p, "(data\n (flags pkcs1)\n (value #");
data/gnupg2-2.2.20/sm/encrypt.c:160:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat (p, "#))\n");
data/gnupg2-2.2.20/sm/encrypt.c:485:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char  kidstr[10+1];
data/gnupg2-2.2.20/sm/export.c:52:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[19];
data/gnupg2-2.2.20/sm/export.c:121:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (t->fpr, fpr+1, 19);
data/gnupg2-2.2.20/sm/export.c:211:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char fpr[20];
data/gnupg2-2.2.20/sm/fingerprint.c:95:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (array, gcry_md_read(md, algo), len );
data/gnupg2-2.2.20/sm/fingerprint.c:110:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[MAX_DIGEST_LEN];
data/gnupg2-2.2.20/sm/fingerprint.c:130:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[MAX_DIGEST_LEN];
data/gnupg2-2.2.20/sm/fingerprint.c:151:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/sm/fingerprint.c:209:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/sm/fingerprint.c:232:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char namebuf[128];
data/gnupg2-2.2.20/sm/fingerprint.c:269:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (namebuf, name, n);
data/gnupg2-2.2.20/sm/fingerprint.c:297:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hash[20];
data/gnupg2-2.2.20/sm/fingerprint.c:337:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (endp, "%02X", hash[i]);
data/gnupg2-2.2.20/sm/fingerprint.c:340:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (endp, "%02X", ((unsigned char*)p)[i]);
data/gnupg2-2.2.20/sm/gpgsm.c:684:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int numlvl = numok? atoi (debug_level) : 0;
data/gnupg2-2.2.20/sm/gpgsm.c:841:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    server->port = atoi (p);
data/gnupg2-2.2.20/sm/gpgsm.c:1037:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    configfp = fopen (configname, "r");
data/gnupg2-2.2.20/sm/gpgsm.c:1699:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char *filelist[2];
data/gnupg2-2.2.20/sm/gpgsm.c:2209:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open (filename, O_RDONLY | O_BINARY);
data/gnupg2-2.2.20/sm/import.c:99:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[25];
data/gnupg2-2.2.20/sm/import.c:102:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%d", reason);
data/gnupg2-2.2.20/sm/import.c:123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[14*25];
data/gnupg2-2.2.20/sm/import.c:145:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
data/gnupg2-2.2.20/sm/import.c:405:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[100];  /* Sufficient for a fingerprint.  */
data/gnupg2-2.2.20/sm/import.c:701:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/sm/import.c:718:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char grip[20];
data/gnupg2-2.2.20/sm/keydb.c:208:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (filename, "wb");
data/gnupg2-2.2.20/sm/keydb.c:303:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      FILE *fp = fopen( filename, "rb" );
data/gnupg2-2.2.20/sm/keydb.c:766:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/sm/keydb.c:807:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[20];
data/gnupg2-2.2.20/sm/keydb.c:1054:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (desc.u.fpr, fpr, 20);
data/gnupg2-2.2.20/sm/keydb.c:1119:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/sm/keydb.c:1207:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char fpr[20];
data/gnupg2-2.2.20/sm/keylist.c:255:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1];
data/gnupg2-2.2.20/sm/keylist.c:382:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char truststring[2];
data/gnupg2-2.2.20/sm/keylist.c:1314:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[1];
data/gnupg2-2.2.20/sm/minip12.c:88:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_data[9] = {
data/gnupg2-2.2.20/sm/minip12.c:90:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_encryptedData[9] = {
data/gnupg2-2.2.20/sm/minip12.c:92:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs_12_keyBag[11] = {
data/gnupg2-2.2.20/sm/minip12.c:94:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs_12_pkcs_8ShroudedKeyBag[11] = {
data/gnupg2-2.2.20/sm/minip12.c:96:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs_12_CertBag[11] = {
data/gnupg2-2.2.20/sm/minip12.c:98:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs_12_CrlBag[11] = {
data/gnupg2-2.2.20/sm/minip12.c:101:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pbeWithSHAAnd3_KeyTripleDES_CBC[10] = {
data/gnupg2-2.2.20/sm/minip12.c:103:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pbeWithSHAAnd40BitRC2_CBC[10] = {
data/gnupg2-2.2.20/sm/minip12.c:105:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_x509Certificate_for_pkcs_12[10] = {
data/gnupg2-2.2.20/sm/minip12.c:108:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs5PBKDF2[9] = {
data/gnupg2-2.2.20/sm/minip12.c:110:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_pkcs5PBES2[9] = {
data/gnupg2-2.2.20/sm/minip12.c:112:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_aes128_CBC[9] = {
data/gnupg2-2.2.20/sm/minip12.c:115:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const oid_rsaEncryption[9] = {
data/gnupg2-2.2.20/sm/minip12.c:119:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const data_3desiter2048[30] = {
data/gnupg2-2.2.20/sm/minip12.c:126:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const data_rc2iter2048[30] = {
data/gnupg2-2.2.20/sm/minip12.c:133:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const data_mactemplate[51] = {
data/gnupg2-2.2.20/sm/minip12.c:144:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char const data_attrtemplate[106] = {
data/gnupg2-2.2.20/sm/minip12.c:304:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (d, s, ti.length);
data/gnupg2-2.2.20/sm/minip12.c:338:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hash[20], buf_b[64], buf_i[128], *p;
data/gnupg2-2.2.20/sm/minip12.c:379:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (hash, gcry_md_read (md, 0), 20);
data/gnupg2-2.2.20/sm/minip12.c:432:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char keybuf[24];
data/gnupg2-2.2.20/sm/minip12.c:624:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (plaintext, ciphertext, length);
data/gnupg2-2.2.20/sm/minip12.c:675:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char salt[20];
data/gnupg2-2.2.20/sm/minip12.c:677:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[16];
data/gnupg2-2.2.20/sm/minip12.c:784:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (salt, p, saltlen);
data/gnupg2-2.2.20/sm/minip12.c:816:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (iv, p, sizeof iv);
data/gnupg2-2.2.20/sm/minip12.c:833:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (salt, p, saltlen);
data/gnupg2-2.2.20/sm/minip12.c:1187:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char salt[20];
data/gnupg2-2.2.20/sm/minip12.c:1189:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iv[16];
data/gnupg2-2.2.20/sm/minip12.c:1309:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (salt, p, saltlen);
data/gnupg2-2.2.20/sm/minip12.c:1341:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (iv, p, sizeof iv);
data/gnupg2-2.2.20/sm/minip12.c:1358:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (salt, p, saltlen);
data/gnupg2-2.2.20/sm/minip12.c:1736:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char salt[8];
data/gnupg2-2.2.20/sm/minip12.c:1737:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char keybuf[20];
data/gnupg2-2.2.20/sm/minip12.c:1807:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_data, DIM (oid_data));
data/gnupg2-2.2.20/sm/minip12.c:1823:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, sequences[i].buffer, sequences[i].length);
data/gnupg2-2.2.20/sm/minip12.c:1855:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, data_mactemplate, DIM (data_mactemplate));
data/gnupg2-2.2.20/sm/minip12.c:1856:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p + DATA_MACTEMPLATE_SALT_OFF, salt, 8);
data/gnupg2-2.2.20/sm/minip12.c:1857:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p + DATA_MACTEMPLATE_MAC_OFF, gcry_md_read (md, 0), 20);
data/gnupg2-2.2.20/sm/minip12.c:1980:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, oid_rsaEncryption, DIM (oid_rsaEncryption));
data/gnupg2-2.2.20/sm/minip12.c:2104:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_data, DIM (oid_data));
data/gnupg2-2.2.20/sm/minip12.c:2120:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_pkcs_12_pkcs_8ShroudedKeyBag,
data/gnupg2-2.2.20/sm/minip12.c:2131:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, data_3desiter2048, DIM (data_3desiter2048));
data/gnupg2-2.2.20/sm/minip12.c:2132:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p + DATA_3DESITER2048_SALT_OFF, salt, 8);
data/gnupg2-2.2.20/sm/minip12.c:2137:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/sm/minip12.c:2145:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, data_attrtemplate, DIM (data_attrtemplate));
data/gnupg2-2.2.20/sm/minip12.c:2149:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, sha1hash, 20);
data/gnupg2-2.2.20/sm/minip12.c:2221:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_encryptedData, DIM (oid_encryptedData));
data/gnupg2-2.2.20/sm/minip12.c:2240:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_data, DIM (oid_data));
data/gnupg2-2.2.20/sm/minip12.c:2244:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, data_rc2iter2048, DIM (data_rc2iter2048));
data/gnupg2-2.2.20/sm/minip12.c:2245:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p + DATA_RC2ITER2048_SALT_OFF, salt, 8);
data/gnupg2-2.2.20/sm/minip12.c:2250:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/sm/minip12.c:2329:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_pkcs_12_CertBag, DIM (oid_pkcs_12_CertBag));
data/gnupg2-2.2.20/sm/minip12.c:2341:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, oid_x509Certificate_for_pkcs_12,
data/gnupg2-2.2.20/sm/minip12.c:2350:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (p, buffer, buflen);
data/gnupg2-2.2.20/sm/minip12.c:2356:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, data_attrtemplate, DIM (data_attrtemplate));
data/gnupg2-2.2.20/sm/minip12.c:2360:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (p, sha1hash, 20);
data/gnupg2-2.2.20/sm/minip12.c:2389:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char salt[8];
data/gnupg2-2.2.20/sm/minip12.c:2392:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char sha1hash[20];
data/gnupg2-2.2.20/sm/minip12.c:2393:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyidstr[8+1];
data/gnupg2-2.2.20/sm/minip12.c:2450:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (keyidstr, "%02x%02x%02x%02x",
data/gnupg2-2.2.20/sm/minip12.c:2568:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (argv[1], "rb");
data/gnupg2-2.2.20/sm/passphrase.c:58:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[1];
data/gnupg2-2.2.20/sm/passphrase.c:75:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (pw, pw2, i);
data/gnupg2-2.2.20/sm/qualified.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *p, line[256];
data/gnupg2-2.2.20/sm/qualified.c:62:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      listfp = fopen (listname, "r");
data/gnupg2-2.2.20/sm/qualified.c:150:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[41];
data/gnupg2-2.2.20/sm/qualified.c:151:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mycountry[3];
data/gnupg2-2.2.20/sm/qualified.c:240:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", *(unsigned char *)s);
data/gnupg2-2.2.20/sm/qualified.c:309:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (p, "%%%02X", *(unsigned char *)s);
data/gnupg2-2.2.20/sm/server.c:211:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : -1;
data/gnupg2-2.2.20/sm/server.c:219:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:240:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:245:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:250:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:267:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:276:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = *value? atoi (value) : 0;
data/gnupg2-2.2.20/sm/server.c:289:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          int i = *value? !!atoi (value) : 1;
data/gnupg2-2.2.20/sm/server.c:1129:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/sm/server.c:1460:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[30];
data/gnupg2-2.2.20/sm/server.c:1462:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%u", (unsigned int)ec);
data/gnupg2-2.2.20/sm/server.c:1473:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[30];
data/gnupg2-2.2.20/sm/sign.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/sm/sign.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/sm/sign.c:492:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char  kidstr[10+1];
data/gnupg2-2.2.20/sm/sign.c:554:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buffer[1];
data/gnupg2-2.2.20/sm/verify.c:44:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (buffer, "none");
data/gnupg2-2.2.20/sm/verify.c:46:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buffer, "%.4s-%.2s-%.2s", atime, atime+4, atime+6);
data/gnupg2-2.2.20/sm/verify.c:58:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/sm/verify.c:435:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char numbuf[50];
data/gnupg2-2.2.20/sm/verify.c:436:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (numbuf, "%d", rc);
data/gnupg2-2.2.20/sm/verify.c:461:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char  kidstr[10+1];
data/gnupg2-2.2.20/sm/verify.c:642:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char qualbuffer[1];
data/gnupg2-2.2.20/sm/verify.c:689:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char numbuf[50];
data/gnupg2-2.2.20/sm/verify.c:690:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (numbuf, "%d", rc );
data/gnupg2-2.2.20/tests/asschk.c:154:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];
data/gnupg2-2.2.20/tests/asschk.c:178:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char recv_line[MAX_LINELEN];
data/gnupg2-2.2.20/tests/asschk.c:283:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char pending[MAX_LINELEN];
data/gnupg2-2.2.20/tests/asschk.c:297:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (buf, pending, pending_len);
data/gnupg2-2.2.20/tests/asschk.c:335:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy (pending, p + 1, n);
data/gnupg2-2.2.20/tests/asschk.c:383:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1026];
data/gnupg2-2.2.20/tests/asschk.c:444:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	  int fd = open ("/dev/null", O_WRONLY);
data/gnupg2-2.2.20/tests/asschk.c:488:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      fd = atoi (var->value);
data/gnupg2-2.2.20/tests/asschk.c:526:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      fd = atoi (var->value);
data/gnupg2-2.2.20/tests/asschk.c:562:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (p, "%u", var->count);
data/gnupg2-2.2.20/tests/asschk.c:628:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, value, valuelen);
data/gnupg2-2.2.20/tests/asschk.c:642:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dst, src, n);
data/gnupg2-2.2.20/tests/asschk.c:643:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dst + n, value, valuelen);
data/gnupg2-2.2.20/tests/asschk.c:780:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[20];
data/gnupg2-2.2.20/tests/asschk.c:783:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open (arg, O_RDONLY);
data/gnupg2-2.2.20/tests/asschk.c:788:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numbuf, "%d", fd);
data/gnupg2-2.2.20/tests/asschk.c:796:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[20];
data/gnupg2-2.2.20/tests/asschk.c:799:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open (arg, O_WRONLY|O_CREAT|O_TRUNC, 0666);
data/gnupg2-2.2.20/tests/asschk.c:804:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (numbuf, "%d", fd);
data/gnupg2-2.2.20/tests/asschk.c:846:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer1[2048]; /* note: both must be of equal size. */
data/gnupg2-2.2.20/tests/asschk.c:847:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer2[2048];
data/gnupg2-2.2.20/tests/asschk.c:869:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp1 = fopen (arg, "rb");
data/gnupg2-2.2.20/tests/asschk.c:875:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp2 = fopen (second, "rb");
data/gnupg2-2.2.20/tests/asschk.c:1031:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[2048];
data/gnupg2-2.2.20/tests/gpgscm/ffi-private.h:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ffi_error_message[256];					\
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:285:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open (pathname, flags, mode);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:349:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[MAX_PATH+1];
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:368:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[PATH_MAX];
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:370:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:991:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char a_buf[BUFFER_SIZE], b_buf[BUFFER_SIZE];
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1001:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  a_stream = fopen (a_name, mode);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1005:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  b_stream = fopen (b_name, mode);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1067:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1371:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ffi_define_function (sc, open);
data/gnupg2-2.2.20/tests/gpgscm/main.c:159:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      h = fopen (file_name, "r");
data/gnupg2-2.2.20/tests/gpgscm/main.c:171:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        h = fopen (qualified_name, "r");
data/gnupg2-2.2.20/tests/gpgscm/scheme-private.h:190:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char    linebuff[LINESIZE];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:351:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char charnames[32][3]={
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:451:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[31];	/* strlen ("call-with-current-continuation") + 1 */
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:454:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char arg_tests_encoding[3];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:665:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof *src);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1380:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (q, str, len_str);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1459:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     char name[40];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1486:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(new_buffer, sc->strbuff, sc->strbuff_size);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1565:29:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
     return (mk_integer(sc, atol(q)));
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1571:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     char    tmp[STRBUFFSIZE];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1766:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[80];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1874:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fin = fopen(string_value(fname), "r");
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1913:5:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f=fopen(fn,rw);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:2080:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(str, start, old_size);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:2876:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     char sbuf[STRBUFFSIZE];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:3466:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       char msg[STRBUFFSIZE];
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:4559:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
           memcpy(pos, strvalue(car(x)), strlength(car(x)));
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:5996:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fin=fopen(file_name,"r");
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:6006:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fin=fopen(file_name,"r");
data/gnupg2-2.2.20/tests/gpgscm/t-child.c:33:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char linebuf[80];
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:72:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  source = fopen (fname, "r");
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:79:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  sink = fopen (fname_new, "w");
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:231:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      log_stream = fopen (logfile, "a");
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:272:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[1024];
data/gnupg2-2.2.20/tools/ccidmon.c:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char address[50];
data/gnupg2-2.2.20/tools/ccidmon.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[2000];
data/gnupg2-2.2.20/tools/ccidmon.c:363:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];
data/gnupg2-2.2.20/tools/ccidmon.c:531:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];
data/gnupg2-2.2.20/tools/ccidmon.c:669:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      bus = atoi (p);
data/gnupg2-2.2.20/tools/ccidmon.c:674:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      dev = atoi (p);
data/gnupg2-2.2.20/tools/ccidmon.c:772:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[2000];
data/gnupg2-2.2.20/tools/ccidmon.c:862:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      usb_bus = atoi (argv[0]);
data/gnupg2-2.2.20/tools/ccidmon.c:864:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        usb_dev =  atoi (s+1);
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:270:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fp = fopen (fname, "rb");
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:445:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[2048];
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:136:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char file[1];   /* Name of file or program. */
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:149:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1]; /* Name of the variable.  */
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:160:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[1];
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:386:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[35];
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:422:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuf[35];
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:711:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (p, value, valuelen);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:725:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dst, src, n);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:726:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (dst + n, value, valuelen);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:903:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (name, mode);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:979:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen (name, mode);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1043:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int fd = atoi (line);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1578:38:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                  current_datasink = fopen (fname, "wb");
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1908:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1968:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          fp = fopen (d->file, "rb");
data/gnupg2-2.2.20/tools/gpg-wks-client.c:448:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[2048];
data/gnupg2-2.2.20/tools/gpg-wks-client.c:555:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *fields[3];
data/gnupg2-2.2.20/tools/gpg-wks-client.c:1138:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (((const char *)data)[n] == '\n')
data/gnupg2-2.2.20/tools/gpg-wks-client.c:1197:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[2];
data/gnupg2-2.2.20/tools/gpg-wks-server.c:819:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1364:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
data/gnupg2-2.2.20/tools/gpg-wks.h:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char uid[1];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1113:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1];  /* Helper buffer.  */
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1153:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[5];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1185:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[9];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1228:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[6];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1263:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[5];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1624:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1711:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[6];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1875:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy (arg_name, &desc[1], arg_len);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:2092:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[4];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:2578:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[BUF_LEN];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:2728:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:3020:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:3326:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *src_filename[GC_BACKEND_NR];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:3327:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *dest_filename[GC_BACKEND_NR];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:3328:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *orig_filename[GC_BACKEND_NR];
data/gnupg2-2.2.20/tools/gpgconf-comp.c:3604:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char tmp[1];
data/gnupg2-2.2.20/tools/gpgconf.c:355:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[2];
data/gnupg2-2.2.20/tools/gpgconf.c:707:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  char *names[2];
data/gnupg2-2.2.20/tools/gpgparsemail.c:173:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char status_buf[10];
data/gnupg2-2.2.20/tools/gpgparsemail.c:185:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char data_fd_buf[50];
data/gnupg2-2.2.20/tools/gpgparsemail.c:199:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (data_fd_buf, "-&%d", data_fd);
data/gnupg2-2.2.20/tools/gpgparsemail.c:202:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fd = open ("/dev/null", O_WRONLY);
data/gnupg2-2.2.20/tools/gpgparsemail.c:429:28:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
          info->sig_file = tmpfile ();
data/gnupg2-2.2.20/tools/gpgparsemail.c:490:33:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
              info->hash_file = tmpfile ();
data/gnupg2-2.2.20/tools/gpgparsemail.c:537:44:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
                          info->sig_file = tmpfile ();
data/gnupg2-2.2.20/tools/gpgparsemail.c:621:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[5000];
data/gnupg2-2.2.20/tools/gpgparsemail.c:799:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      FILE *fp = fopen (*argv, "rb");
data/gnupg2-2.2.20/tools/gpgsplit.c:555:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fpout = fopen (outname, "wb");
data/gnupg2-2.2.20/tools/gpgsplit.c:788:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char header[20];
data/gnupg2-2.2.20/tools/gpgsplit.c:876:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  else if ( !(fp = fopen (fname,"rb")) )
data/gnupg2-2.2.20/tools/gpgtar-create.c:290:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (fname, "/*"); /* Trailing slash is not allowed.  */
data/gnupg2-2.2.20/tools/gpgtar-create.c:296:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (stpcpy (fname, dname), "/*");
data/gnupg2-2.2.20/tools/gpgtar-create.c:509:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char lastuname[32];
data/gnupg2-2.2.20/tools/gpgtar-create.c:538:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char lastgname[32];
data/gnupg2-2.2.20/tools/gpgtar-create.c:576:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (raw->name, hdr->name, namelen);
data/gnupg2-2.2.20/tools/gpgtar-create.c:587:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (raw->prefix, hdr->name, n);
data/gnupg2-2.2.20/tools/gpgtar-create.c:588:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (raw->name, hdr->name+n+1, namelen - n);
data/gnupg2-2.2.20/tools/gpgtar-create.c:617:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (raw->magic, "ustar", 6);
data/gnupg2-2.2.20/tools/gpgtar-create.c:658:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-create.c:734:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-create.c:794:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char namebuf[4096];
data/gnupg2-2.2.20/tools/gpgtar-extract.c:42:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-extract.c:200:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-list.c:138:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (header->name, raw->prefix, n);
data/gnupg2-2.2.20/tools/gpgtar-list.c:144:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (header->name+n, raw->name, namelen);
data/gnupg2-2.2.20/tools/gpgtar-list.c:194:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-list.c:236:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char record[RECORDSIZE];
data/gnupg2-2.2.20/tools/gpgtar-list.c:255:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char modestr[10+1];
data/gnupg2-2.2.20/tools/gpgtar.c:212:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char arg[1024];
data/gnupg2-2.2.20/tools/gpgtar.h:66:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[100];
data/gnupg2-2.2.20/tools/gpgtar.h:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mode[8];
data/gnupg2-2.2.20/tools/gpgtar.h:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char uid[8];
data/gnupg2-2.2.20/tools/gpgtar.h:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gid[8];
data/gnupg2-2.2.20/tools/gpgtar.h:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char size[12];
data/gnupg2-2.2.20/tools/gpgtar.h:71:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mtime[12];
data/gnupg2-2.2.20/tools/gpgtar.h:72:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char checksum[8];
data/gnupg2-2.2.20/tools/gpgtar.h:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char typeflag[1];
data/gnupg2-2.2.20/tools/gpgtar.h:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char linkname[100];
data/gnupg2-2.2.20/tools/gpgtar.h:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[6];
data/gnupg2-2.2.20/tools/gpgtar.h:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char version[2];
data/gnupg2-2.2.20/tools/gpgtar.h:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char uname[32];
data/gnupg2-2.2.20/tools/gpgtar.h:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gname[32];
data/gnupg2-2.2.20/tools/gpgtar.h:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devmajor[8];
data/gnupg2-2.2.20/tools/gpgtar.h:80:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devminor[8];
data/gnupg2-2.2.20/tools/gpgtar.h:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char prefix[155];
data/gnupg2-2.2.20/tools/gpgtar.h:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pad[12];
data/gnupg2-2.2.20/tools/gpgtar.h:124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1];             /* Filename (dynamically extended).  */
data/gnupg2-2.2.20/tools/make-dns-cert.c:46:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd=open(keyfile,O_RDONLY);
data/gnupg2-2.2.20/tools/make-dns-cert.c:77:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char buffer[1024];
data/gnupg2-2.2.20/tools/make-dns-cert.c:193:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      printf ("make-dns-cert gnupg-svn%d\n", atoi (10+"$Revision$"));
data/gnupg2-2.2.20/tools/mime-maker.c:37:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[1]; /* Name.  */
data/gnupg2-2.2.20/tools/mime-maker.c:228:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[12];
data/gnupg2-2.2.20/tools/mime-maker.c:308:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (hdr->name, name, namelen);
data/gnupg2-2.2.20/tools/mime-maker.c:435:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (part->body, data, datalen);
data/gnupg2-2.2.20/tools/mime-parser.c:99:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[5000];
data/gnupg2-2.2.20/tools/rfc822parse.c:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[1];
data/gnupg2-2.2.20/tools/rfc822parse.c:77:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char line[1];
data/gnupg2-2.2.20/tools/rfc822parse.c:274:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy (name, "MIME-Version");
data/gnupg2-2.2.20/tools/rfc822parse.c:495:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (hdr->line, line, length);
data/gnupg2-2.2.20/tools/rfc822parse.c:786:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy (t->data, buf, length);
data/gnupg2-2.2.20/tools/rfc822parse.c:807:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (t->data, old->data, n);
data/gnupg2-2.2.20/tools/rfc822parse.c:808:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (t->data + n, buf, length);
data/gnupg2-2.2.20/tools/rfc822parse.c:1301:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[5000];
data/gnupg2-2.2.20/tools/send-mail.c:37:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *argv[3];
data/gnupg2-2.2.20/tools/sockprox.c:182:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[BUFSIZ];
data/gnupg2-2.2.20/tools/sockprox.c:388:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      protocol_file = fopen (opt.protocol_file, "a");
data/gnupg2-2.2.20/tools/symcryptrun.c:355:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[CONFUCIUS_BUFSIZE];
data/gnupg2-2.2.20/tools/symcryptrun.c:366:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      in = fopen (infile, "rb");
data/gnupg2-2.2.20/tools/symcryptrun.c:383:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      out = fopen (outfile, "wb");
data/gnupg2-2.2.20/tools/symcryptrun.c:496:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cacheid[40];
data/gnupg2-2.2.20/tools/symcryptrun.c:600:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[CONFUCIUS_LINESIZE];
data/gnupg2-2.2.20/tools/symcryptrun.c:679:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	      char data[512];
data/gnupg2-2.2.20/tools/symcryptrun.c:819:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat (infile, "/in");
data/gnupg2-2.2.20/tools/symcryptrun.c:832:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat (outfile, "/out");
data/gnupg2-2.2.20/tools/symcryptrun.c:939:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      configfp = fopen (configname, "r");
data/gnupg2-2.2.20/tools/watchgnupg.c:195:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (c->buffer + c->len, line, n);
data/gnupg2-2.2.20/tools/watchgnupg.c:344:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      port = atoi (*argv);
data/gnupg2-2.2.20/tools/watchgnupg.c:483:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char line[256];
data/gnupg2-2.2.20/tools/wks-receive.c:280:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
              if (atoi(value+valueoff) >= 2 )
data/gnupg2-2.2.20/tools/wks-util.c:591:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[1024];
data/gnupg2-2.2.20/tools/wks-util.c:674:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          flags->max_pending = atoi (value);
data/gnupg2-2.2.20/tools/wks-util.c:682:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          flags->protocol_version = atoi (value);
data/gnupg2-2.2.20/tools/wks-util.c:716:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/gnupg2-2.2.20/tools/wks-util.c:765:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
data/gnupg2-2.2.20/tools/wks-util.c:828:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sha1buf[20];
data/gnupg2-2.2.20/tools/wks-util.c:956:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[2];
data/gnupg2-2.2.20/agent/cache.c:156:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen (string) + 1;
data/gnupg2-2.2.20/agent/cache.c:386:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xtrycalloc (1, sizeof *r + strlen (key));
data/gnupg2-2.2.20/agent/call-pinentry.c:276:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (pidbuf, buffer, length);
data/gnupg2-2.2.20/agent/call-pinentry.c:771:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = d = xtrymalloc_secure (strlen ((const char*)s)+1);
data/gnupg2-2.2.20/agent/call-pinentry.c:842:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/call-pinentry.c:1149:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   && strlen (pininfo->pin) > pininfo->max_digits)
data/gnupg2-2.2.20/agent/call-pinentry.c:1151:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          else if (strlen (pininfo->pin) < pininfo->min_digits)
data/gnupg2-2.2.20/agent/call-scd.c:1146:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  parm.keywordlen = strlen (name);
data/gnupg2-2.2.20/agent/call-scd.c:1149:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (8 + strlen (name) > DIM(line)-1)
data/gnupg2-2.2.20/agent/command-ssh.c:729:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     (const unsigned char *) string, strlen (string));
data/gnupg2-2.2.20/agent/command-ssh.c:939:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/agent/command-ssh.c:942:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          while ( (c=getc (cf->fp)) != EOF && c != '\n')
data/gnupg2-2.2.20/agent/command-ssh.c:1028:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (strlen (hexgrip) == 40 );
data/gnupg2-2.2.20/agent/command-ssh.c:1124:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexgrip || strlen (hexgrip) != 40)
data/gnupg2-2.2.20/agent/command-ssh.c:1147:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexgrip || strlen (hexgrip) != 40)
data/gnupg2-2.2.20/agent/command-ssh.c:1291:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:1396:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:1473:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:1569:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:1657:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:1769:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      elems_n = strlen (elems);
data/gnupg2-2.2.20/agent/command-ssh.c:2644:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      assert (strlen (cf->item.hexgrip) == 40);
data/gnupg2-2.2.20/agent/command.c:943:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (newpasswd, strlen (newpasswd));
data/gnupg2-2.2.20/agent/command.c:1135:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy (ttlbuf, "-");
data/gnupg2-2.2.20/agent/command.c:1139:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (flagsbuf, "D");
data/gnupg2-2.2.20/agent/command.c:1141:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (flagsbuf, "S");
data/gnupg2-2.2.20/agent/command.c:1143:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (flagsbuf, "c");
data/gnupg2-2.2.20/agent/command.c:1145:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy (flagsbuf, "-");
data/gnupg2-2.2.20/agent/command.c:1221:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        err = assuan_send_data (ctx, string, strlen(string));
data/gnupg2-2.2.20/agent/command.c:1318:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (dir_entry->d_name) != 44
data/gnupg2-2.2.20/agent/command.c:1321:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy (hexgrip, dir_entry->d_name, 40);
data/gnupg2-2.2.20/agent/command.c:1384:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (pw);
data/gnupg2-2.2.20/agent/command.c:1489:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!*cacheid || strlen (cacheid) > 50)
data/gnupg2-2.2.20/agent/command.c:1614:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!*cacheid || strlen (cacheid) > 50)
data/gnupg2-2.2.20/agent/command.c:1943:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!hex2str (passphrase, passphrase, strlen (passphrase)+1, NULL))
data/gnupg2-2.2.20/agent/command.c:2704:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      vl = xtrymalloc (sizeof *vl + strlen (key) + valuelen);
data/gnupg2-2.2.20/agent/command.c:2710:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          vl->off = strlen (key) + 1;
data/gnupg2-2.2.20/agent/command.c:2861:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/agent/command.c:2900:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/command.c:2916:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/command.c:2923:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/agent/command.c:2932:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/agent/command.c:2948:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          rc = assuan_send_data (ctx, name, strlen (name)+1);
data/gnupg2-2.2.20/agent/command.c:2974:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  rc = assuan_send_data (ctx, string, strlen (string)+1);
data/gnupg2-2.2.20/agent/command.c:2997:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/agent/command.c:3006:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/command.c:3031:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/command.c:3038:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/agent/cvt-openpgp.c:957:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (cache_value) < pi->max_length)
data/gnupg2-2.2.20/agent/cvt-openpgp.c:966:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (passphrase) < pi->max_length)
data/gnupg2-2.2.20/agent/divert-scd.c:59:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (want_sn_disp);
data/gnupg2-2.2.20/agent/divert-scd.c:187:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          && (n = strlen (string)) >= 3
data/gnupg2-2.2.20/agent/divert-scd.c:422:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (buf, pi->pin, maxbuf-1);
data/gnupg2-2.2.20/agent/findkey.c:364:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  comment_length = strlen (comment);
data/gnupg2-2.2.20/agent/findkey.c:365:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  in_len  = strlen (in);
data/gnupg2-2.2.20/agent/findkey.c:422:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        out_len += strlen (ssh_fpr);
data/gnupg2-2.2.20/agent/findkey.c:468:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen (p);
data/gnupg2-2.2.20/agent/findkey.c:1083:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (algoname) >= algonamesize)
data/gnupg2-2.2.20/agent/findkey.c:1089:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (elems) >= elemssize)
data/gnupg2-2.2.20/agent/genkey.c:114:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fwrite (pw, strlen (pw), 1, infp) != 1)
data/gnupg2-2.2.20/agent/genkey.c:143:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=((strlen (pw)+99)/100)*100; i > 0; i--)
data/gnupg2-2.2.20/agent/genkey.c:305:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (msg);
data/gnupg2-2.2.20/agent/gpg-agent.c:500:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/agent/gpg-agent.c:500:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/agent/gpg-agent.c:1070:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/agent/gpg-agent.c:1070:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/agent/gpg-agent.c:2347:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                && (strlen (home) >= strlen (defhome+1)
data/gnupg2-2.2.20/agent/gpg-agent.c:2347:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                && (strlen (home) >= strlen (defhome+1)
data/gnupg2-2.2.20/agent/gpg-agent.c:2348:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    && !strcmp (home + strlen(home)
data/gnupg2-2.2.20/agent/gpg-agent.c:2349:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                - strlen (defhome+1), defhome+1)))
data/gnupg2-2.2.20/agent/learncard.c:142:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item = xtrycalloc (1, sizeof *item + strlen (line));
data/gnupg2-2.2.20/agent/learncard.c:211:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item = xtrycalloc (1, sizeof *item + strlen (p));
data/gnupg2-2.2.20/agent/learncard.c:237:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item = xtrycalloc (1, sizeof *item + keywordlen + 1 + strlen (data));
data/gnupg2-2.2.20/agent/pksign.c:49:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (s && strlen (s) < 16)
data/gnupg2-2.2.20/agent/pksign.c:51:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  for (i=0; i < strlen (s); i++)
data/gnupg2-2.2.20/agent/preset-passphrase.c:127:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      rc = read (0, passphrase, sizeof (passphrase) - 1);
data/gnupg2-2.2.20/agent/preset-passphrase.c:148:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passphrase_esc = bin2hex (s, strlen (s), NULL);
data/gnupg2-2.2.20/agent/preset-passphrase.c:159:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wipememory (passphrase_esc, strlen (passphrase_esc));
data/gnupg2-2.2.20/agent/preset-passphrase.c:178:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wipememory (line, strlen (line));
data/gnupg2-2.2.20/agent/protect-tool.c:357:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      resultlen = strlen (p);
data/gnupg2-2.2.20/agent/protect-tool.c:407:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      resultlen = strlen (p);
data/gnupg2-2.2.20/agent/protect-tool.c:446:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      resultlen = strlen (p);
data/gnupg2-2.2.20/agent/protect-tool.c:480:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      fwrite (p, strlen (p), 1, stdout);
data/gnupg2-2.2.20/agent/protect-tool.c:511:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          fwrite (p, strlen (p), 1, stdout);
data/gnupg2-2.2.20/agent/protect-tool.c:738:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (pw, strlen (pw));
data/gnupg2-2.2.20/agent/protect-tool.c:781:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen (passphrase);
data/gnupg2-2.2.20/agent/protect-tool.c:816:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              hexgrip, p, (*p && p[strlen(p)-1] == '\n')? "":"\n", hexgrip);
data/gnupg2-2.2.20/agent/protect.c:571:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       (int)strlen (modestr), modestr,
data/gnupg2-2.2.20/agent/protect.c:573:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       (unsigned int)strlen (countbuf), countbuf,
data/gnupg2-2.2.20/agent/protect.c:585:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *resultlen = strlen (p);
data/gnupg2-2.2.20/agent/protect.c:1461:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return gcry_kdf_derive (passphrase, strlen (passphrase),
data/gnupg2-2.2.20/agent/protect.c:1499:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           + sizeof numbuf + strlen (idstring) + 1 + 1);
data/gnupg2-2.2.20/agent/protect.c:1506:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = stpcpy (p, smklen (numbuf, sizeof numbuf, strlen (idstring), NULL));
data/gnupg2-2.2.20/agent/trustlist.c:162:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (line);
data/gnupg2-2.2.20/agent/trustlist.c:536:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (string);
data/gnupg2-2.2.20/agent/trustlist.c:553:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (strlen (buffer) <= nnew);
data/gnupg2-2.2.20/agent/trustlist.c:569:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t replstringlen = strlen (replstring);
data/gnupg2-2.2.20/agent/trustlist.c:582:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  newname = xtrymalloc (strlen (name) + count*replstringlen + 1);
data/gnupg2-2.2.20/agent/trustlist.c:791:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      es_write_sanitized (fp, name, strlen (name), NULL, NULL);
data/gnupg2-2.2.20/build-aux/speedo/w32/exdll.h:118:3:  [1] (buffer) lstrcpyn:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  lstrcpyn (str, th->text, maxlen);
data/gnupg2-2.2.20/build-aux/speedo/w32/exdll.h:130:3:  [1] (buffer) lstrcpyn:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  lstrcpyn(th->text,str,g_stringsize);
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:734:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ptr = &line[strlen (line)];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:776:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      end = &line[strlen (line)];
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1027:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path_new_size = strlen (path) + 1 + strlen (dir) + 1;
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1027:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path_new_size = strlen (path) + 1 + strlen (dir) + 1;
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1047:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat (path_new, ";");
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1133:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path_new_size = strlen (path) + 1;
data/gnupg2-2.2.20/build-aux/speedo/w32/g4wihelp.c:1149:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat (path_new, ";");
data/gnupg2-2.2.20/common/argparse.c:318:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          count += strlen (s);
data/gnupg2-2.2.20/common/argparse.c:465:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc (fp);
data/gnupg2-2.2.20/common/argparse.c:583:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      unread_buf[0] = getc (fp);
data/gnupg2-2.2.20/common/argparse.c:584:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      unread_buf[1] = getc (fp);
data/gnupg2-2.2.20/common/argparse.c:585:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      unread_buf[2] = getc (fp);
data/gnupg2-2.2.20/common/argparse.c:599:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        c = getc (fp);
data/gnupg2-2.2.20/common/argparse.c:715:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          if (*p && p[strlen(p)-1] == '\"' )
data/gnupg2-2.2.20/common/argparse.c:716:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            p[strlen(p)-1] = 0;
data/gnupg2-2.2.20/common/argparse.c:895:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen( keyword );
data/gnupg2-2.2.20/common/argparse.c:1264:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (o->long_opt);
data/gnupg2-2.2.20/common/argparse.c:1309:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*s && s[strlen(s)] != '\n')
data/gnupg2-2.2.20/common/argparse.c:1499:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*p && p[strlen(p)] != '\n')
data/gnupg2-2.2.20/common/argparse.c:1510:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (*p && p[strlen(p)] != '\n')
data/gnupg2-2.2.20/common/audit.c:651:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          result = xtrymalloc (strlen (p) + strlen (issuer) + 2 + 1);
data/gnupg2-2.2.20/common/audit.c:651:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          result = xtrymalloc (strlen (p) + strlen (issuer) + 2 + 1);
data/gnupg2-2.2.20/common/audit.c:681:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      result = xtrymalloc (strlen (subject) + 1 + 1);
data/gnupg2-2.2.20/common/audit.c:1204:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (eventstr_msgstr + eventstr_msgidx[idx]);
data/gnupg2-2.2.20/common/dotlock.c:548:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      res = read (fd, p, expected_len - nread);
data/gnupg2-2.2.20/common/dotlock.c:617:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = xtrymalloc (strlen (tname) + 1 + 1);
data/gnupg2-2.2.20/common/dotlock.c:621:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat (lname, "x");
data/gnupg2-2.2.20/common/dotlock.c:678:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tnamelen = dirpartlen + 6 + 30 + strlen(nodename) + 10 + 1;
data/gnupg2-2.2.20/common/dotlock.c:687:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->nodename_len = strlen (nodename);
data/gnupg2-2.2.20/common/dotlock.c:690:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->nodename_off = strlen (h->tname);
data/gnupg2-2.2.20/common/dotlock.c:716:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( write (fd, nodename, strlen (nodename) ) != strlen (nodename) )
data/gnupg2-2.2.20/common/dotlock.c:716:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( write (fd, nodename, strlen (nodename) ) != strlen (nodename) )
data/gnupg2-2.2.20/common/dotlock.c:747:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->lockname = xtrymalloc (strlen (file_to_lock) + 6 );
data/gnupg2-2.2.20/common/dotlock.c:797:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->lockname = xtrymalloc ( strlen (file_to_lock) + 6 );
data/gnupg2-2.2.20/common/exechelp-w32.c:224:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += strlen (s) + 1 + 2;  /* (1 space, 2 quoting */
data/gnupg2-2.2.20/common/exechelp-w32.c:230:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n += strlen (s) + 1 + 2;  /* (1 space, 2 quoting */
data/gnupg2-2.2.20/common/exechelp-w32ce.c:376:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen (p);
data/gnupg2-2.2.20/common/exechelp-w32ce.c:382:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen (p);
data/gnupg2-2.2.20/common/exechelp-w32ce.c:388:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen (p);
data/gnupg2-2.2.20/common/exechelp-w32ce.c:391:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (fdbuf);
data/gnupg2-2.2.20/common/exechelp-w32ce.c:394:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n += strlen (s) + 1 + 2;  /* (1 space, 2 quoting) */
data/gnupg2-2.2.20/common/exectool.c:91:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          len = strlen (pname);
data/gnupg2-2.2.20/common/exectool.c:103:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  rest = state->buffer + strlen (state->buffer);
data/gnupg2-2.2.20/common/exectool.c:115:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              && strlen (state->buffer) > strlen (pname)
data/gnupg2-2.2.20/common/exectool.c:115:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              && strlen (state->buffer) > strlen (pname)
data/gnupg2-2.2.20/common/exectool.c:596:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen (input_string);
data/gnupg2-2.2.20/common/gettime.c:182:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' )
data/gnupg2-2.2.20/common/gettime.c:503:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (timestamp) >= 15 && timestamp[8] == 'T')
data/gnupg2-2.2.20/common/gettime.c:904:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if ((strlen (s) != 15 || s[8] != 'T'))
data/gnupg2-2.2.20/common/helpfile.c:66:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/common/helpfile.c:69:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          while ( (c=getc (fp)) != EOF && c != '\n')
data/gnupg2-2.2.20/common/helpfile.c:77:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        line[strlen(line)-1] = 0; /* Chop the LF. */
data/gnupg2-2.2.20/common/helpfile.c:169:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = xtrymalloc (strlen (dirname) + 6 + strlen (locname) + 4 + 1);
data/gnupg2-2.2.20/common/helpfile.c:169:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = xtrymalloc (strlen (dirname) + 6 + strlen (locname) + 4 + 1);
data/gnupg2-2.2.20/common/homedir.c:192:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = result = xmalloc (strlen (newdir) + 1 + 1);
data/gnupg2-2.2.20/common/homedir.c:199:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = result + strlen (result) - 1;
data/gnupg2-2.2.20/common/homedir.c:203:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (newdir[strlen (newdir)-1] == '/'
data/gnupg2-2.2.20/common/homedir.c:204:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           || newdir[strlen (newdir)-1] == '\\' )
data/gnupg2-2.2.20/common/homedir.c:207:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = result + strlen (result) - 1;
data/gnupg2-2.2.20/common/homedir.c:216:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (newdir[strlen (newdir)-1] == '/')
data/gnupg2-2.2.20/common/homedir.c:219:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = result + strlen (result) - 1;
data/gnupg2-2.2.20/common/homedir.c:264:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              char *tmp = xmalloc (strlen (path) + 6 +1);
data/gnupg2-2.2.20/common/homedir.c:322:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  p = tmp + strlen (tmp) - 1;
data/gnupg2-2.2.20/common/homedir.c:365:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      strcpy (fname + strlen (fname) - 3, "ctl");
data/gnupg2-2.2.20/common/homedir.c:456:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          char *tmp = xmalloc (strlen (path) + 4 +1);
data/gnupg2-2.2.20/common/homedir.c:627:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (prefix) + 7 >= sizeof prefix)
data/gnupg2-2.2.20/common/homedir.c:677:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, s, strlen (s));
data/gnupg2-2.2.20/common/homedir.c:787:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      name = xmalloc (strlen (s1) + strlen (s2) + 1);
data/gnupg2-2.2.20/common/homedir.c:787:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      name = xmalloc (strlen (s1) + strlen (s2) + 1);
data/gnupg2-2.2.20/common/homedir.c:913:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            s1_len += 1 + strlen (*comp);
data/gnupg2-2.2.20/common/homedir.c:918:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              char *tmp = xmalloc (strlen (path) + s1_len + 1);
data/gnupg2-2.2.20/common/i18n.c:211:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      mh = xtrymalloc (sizeof *mh + strlen (lc_messages));
data/gnupg2-2.2.20/common/iobuf.c:394:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cc = xcalloc (1, sizeof *cc + strlen (fname));
data/gnupg2-2.2.20/common/iobuf.c:493:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	      n = read (f, buf, size);
data/gnupg2-2.2.20/common/iobuf.c:1293:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fcx = xmalloc (sizeof *fcx + strlen (fname));
data/gnupg2-2.2.20/common/iobuf.c:2169:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return iobuf_write (a, buf, strlen (buf));
data/gnupg2-2.2.20/common/logging.c:261:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (name) + 7 < sizeof (srvr_addr_un.sun_path)-1)
data/gnupg2-2.2.20/common/logging.c:263:19:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                  strncpy (srvr_addr_un.sun_path,
data/gnupg2-2.2.20/common/logging.c:274:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (*name && strlen (name) < sizeof (srvr_addr_un.sun_path)-1)
data/gnupg2-2.2.20/common/logging.c:276:19:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                  strncpy (srvr_addr_un.sun_path,
data/gnupg2-2.2.20/common/logging.c:292:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          addrstr = xtrymalloc (strlen (name) + 1);
data/gnupg2-2.2.20/common/logging.c:519:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cookie = xmalloc (sizeof *cookie + (name? strlen (name):0));
data/gnupg2-2.2.20/common/logging.c:609:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (prefix_buffer, text, sizeof (prefix_buffer)-1);
data/gnupg2-2.2.20/common/logging.c:784:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       ?strlen (prefix_buffer)+2:0), "",
data/gnupg2-2.2.20/common/logging.c:790:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*fmt && fmt[strlen(fmt)-1] != '\n')
data/gnupg2-2.2.20/common/mapstrings.c:120:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen (macros[idx].name) == (s3 - s2)
data/gnupg2-2.2.20/common/mapstrings.c:151:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  init_membuf (&mb, strlen (string) + 100);
data/gnupg2-2.2.20/common/mbox-util.c:171:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return name? is_valid_mailbox_mem (name, strlen (name)) : 0;
data/gnupg2-2.2.20/common/mbox-util.c:198:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
          strncpy (result, s, len);
data/gnupg2-2.2.20/common/membuf.c:136:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  put_membuf (mb, string, strlen (string));
data/gnupg2-2.2.20/common/membuf.c:154:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      put_membuf (mb, buf, strlen (buf));
data/gnupg2-2.2.20/common/miscellaneous.c:196:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *bytes_written = strlen (buf);
data/gnupg2-2.2.20/common/miscellaneous.c:237:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  do_print_utf8_buffer (stream, p, strlen (p), NULL, NULL);
data/gnupg2-2.2.20/common/mischelp.c:193:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          old_zone = malloc(3+strlen(zone)+1);
data/gnupg2-2.2.20/common/mischelp.h:87:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	               + strlen ((ptr)->sun_path))
data/gnupg2-2.2.20/common/name-value.c:117:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    wipememory (entry->value, strlen (entry->value));
data/gnupg2-2.2.20/common/name-value.c:155:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t i, len = strlen (name);
data/gnupg2-2.2.20/common/name-value.c:180:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (entry->value);
data/gnupg2-2.2.20/common/name-value.c:187:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (entry->raw_value == NULL && strlen (entry->name) < linelen)
data/gnupg2-2.2.20/common/name-value.c:188:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	linelen -= strlen (entry->name);
data/gnupg2-2.2.20/common/name-value.c:263:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (s);
data/gnupg2-2.2.20/common/name-value.c:435:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	wipememory (value, strlen (value));
data/gnupg2-2.2.20/common/name-value.c:489:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	wipememory (e->value, strlen (e->value));
data/gnupg2-2.2.20/common/name-value.c:585:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return gcry_sexp_sscan (retsexp, NULL, e->value, strlen (e->value));
data/gnupg2-2.2.20/common/name-value.c:616:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen (raw) - 1;
data/gnupg2-2.2.20/common/name-value.c:624:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (raw);
data/gnupg2-2.2.20/common/openpgp-oid.c:122:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = xtrymalloc (1 + strlen (string) + 2);
data/gnupg2-2.2.20/common/openpgp-oid.c:239:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p += strlen (p);
data/gnupg2-2.2.20/common/openpgp-oid.c:252:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p += strlen (p);
data/gnupg2-2.2.20/common/recsel.c:250:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  se = xtrymalloc (sizeof *se + strlen (expr));
data/gnupg2-2.2.20/common/recsel.c:534:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          valuelen = strlen (value);
data/gnupg2-2.2.20/common/recsel.c:536:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          selen = strlen (se->value);
data/gnupg2-2.2.20/common/server-help.c:78:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen (name);
data/gnupg2-2.2.20/common/server-help.c:98:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (name);
data/gnupg2-2.2.20/common/server-help.c:123:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen (name);
data/gnupg2-2.2.20/common/server-help.c:171:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen (name);
data/gnupg2-2.2.20/common/session-env.c:191:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  valuelen = strlen (value);
data/gnupg2-2.2.20/common/session-env.c:198:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               && strlen (se->array[idx]->name) == namelen)
data/gnupg2-2.2.20/common/session-env.c:200:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (se->array[idx]->value) == valuelen)
data/gnupg2-2.2.20/common/session-env.c:289:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return update_var (se, name, strlen (name), value, 0);
data/gnupg2-2.2.20/common/session-env.c:358:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      update_var (se, name, strlen (name), defvalue, 1);
data/gnupg2-2.2.20/common/sexp-parse.h:99:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t toklen = strlen (token);
data/gnupg2-2.2.20/common/sexputil.c:395:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  keybuf = xtrymalloc (strlen (part1) + strlen (mlen_str) + mlen + m_extra
data/gnupg2-2.2.20/common/sexputil.c:395:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  keybuf = xtrymalloc (strlen (part1) + strlen (mlen_str) + mlen + m_extra
data/gnupg2-2.2.20/common/sexputil.c:396:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       + strlen (part2) + strlen (elen_str) + elen + e_extra
data/gnupg2-2.2.20/common/sexputil.c:396:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       + strlen (part2) + strlen (elen_str) + elen + e_extra
data/gnupg2-2.2.20/common/sexputil.c:397:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       + strlen (part3) + 1);
data/gnupg2-2.2.20/common/signal.c:114:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (void)write(2, s, strlen (s));
data/gnupg2-2.2.20/common/signal.c:118:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (void) write (2, s, strlen(s) );
data/gnupg2-2.2.20/common/simple-pwquery.c:106:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line = spwq_malloc (7 + strlen (name) + 1 + strlen (value) + 2);
data/gnupg2-2.2.20/common/simple-pwquery.c:106:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line = spwq_malloc (7 + strlen (name) + 1 + strlen (value) + 2);
data/gnupg2-2.2.20/common/simple-pwquery.c:109:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy (stpcpy (stpcpy (stpcpy (
data/gnupg2-2.2.20/common/simple-pwquery.c:164:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *p = spwq_malloc (strlen (old_lc)+1);
data/gnupg2-2.2.20/common/simple-pwquery.c:186:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *p = spwq_malloc (strlen (old_lc)+1);
data/gnupg2-2.2.20/common/simple-pwquery.c:321:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      default_gpg_agent_info = spwq_malloc (strlen (name) + 1);
data/gnupg2-2.2.20/common/simple-pwquery.c:397:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        + 3*strlen (cacheid) + 1
data/gnupg2-2.2.20/common/simple-pwquery.c:398:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        + 3*strlen (tryagain) + 1
data/gnupg2-2.2.20/common/simple-pwquery.c:399:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        + 3*strlen (prompt) + 1
data/gnupg2-2.2.20/common/simple-pwquery.c:400:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        + 3*strlen (description) + 1
data/gnupg2-2.2.20/common/simple-pwquery.c:466:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (cacheid) * 3 > sizeof (line) - 50)
data/gnupg2-2.2.20/common/ssh-utils.c:243:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      *r_fpr = xtrymalloc (strlen (algo_name) + 1 + 3 * gcry_md_get_algo_dlen (algo) + 1);
data/gnupg2-2.2.20/common/ssh-utils.c:250:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memcpy (*r_fpr, algo_name, strlen (algo_name));
data/gnupg2-2.2.20/common/ssh-utils.c:251:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      fpr = (char *) *r_fpr + strlen (algo_name);
data/gnupg2-2.2.20/common/ssh-utils.c:305:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      *r_len = strlen (*r_fpr) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:94:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (keyword);
data/gnupg2-2.2.20/common/stringhelp.c:360:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dirname, filepath, dirname_length);
data/gnupg2-2.2.20/common/stringhelp.c:424:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (first_part) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:428:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n += strlen (argv[argc]) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:450:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            n += strlen (home);
data/gnupg2-2.2.20/common/stringhelp.c:468:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          skip = 1 + strlen (user);
data/gnupg2-2.2.20/common/stringhelp.c:473:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            n += strlen (home);
data/gnupg2-2.2.20/common/stringhelp.c:535:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (home) + 1 + strlen (name) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:535:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (home) + 1 + strlen (name) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:567:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (name);
data/gnupg2-2.2.20/common/stringhelp.c:1145:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  needed = strlen (s1);
data/gnupg2-2.2.20/common/stringhelp.c:1148:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      needed += strlen (argv[argc]);
data/gnupg2-2.2.20/common/stringhelp.c:1281:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (string) + 1;
data/gnupg2-2.2.20/common/stringhelp.c:1306:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (px = p + strlen (p) - 1; px >= p && spacep (px); px--)
data/gnupg2-2.2.20/common/stringhelp.c:1526:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p = &text[strlen (text)];
data/gnupg2-2.2.20/common/stringhelp.c:1611:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              memmove (p, &p[spaces], strlen (&p[spaces]) + 1);
data/gnupg2-2.2.20/common/stringhelp.c:1621:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trim_trailing_chars (text, strlen (text), " ");
data/gnupg2-2.2.20/common/stringhelp.c:1623:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (! copied_last_space && *text && text[strlen (text) - 1] == '\n')
data/gnupg2-2.2.20/common/stringhelp.c:1624:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    text[strlen (text) - 1] = '\0';
data/gnupg2-2.2.20/common/strlist.c:63:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        wipememory (sl, sizeof *sl + strlen (sl->d));
data/gnupg2-2.2.20/common/strlist.c:76:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sl = xmalloc( sizeof *sl + strlen(string));
data/gnupg2-2.2.20/common/strlist.c:92:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sl = xtrymalloc (sizeof *sl + strlen (string));
data/gnupg2-2.2.20/common/strlist.c:143:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sl = xtrymalloc( sizeof *sl + strlen(string));
data/gnupg2-2.2.20/common/strlist.c:188:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      sl = xmalloc (sizeof *sl + strlen (list->d));
data/gnupg2-2.2.20/common/strlist.c:231:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      str = xmalloc(strlen(sl->d)+1);
data/gnupg2-2.2.20/common/sysutils.c:450:22:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define mystrlen(a) wcslen (a)
data/gnupg2-2.2.20/common/sysutils.c:454:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define mystrlen(a) strlen (a)
data/gnupg2-2.2.20/common/sysutils.c:861:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (tmpl);
data/gnupg2-2.2.20/common/sysutils.c:1022:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (buffer, "/");  /* Always "/".  */
data/gnupg2-2.2.20/common/sysutils.c:1262:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (evp->len >= strlen (name) && !strcmp (evp->name, name))
data/gnupg2-2.2.20/common/t-b64.c:56:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  err = b64enc_write (&state, string, strlen (string));
data/gnupg2-2.2.20/common/t-convert.c:391:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      assert (strlen (tests[idx].hex)+1 < sizeof tmpbuf);
data/gnupg2-2.2.20/common/t-exectool.c:125:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (len == strlen (vector));
data/gnupg2-2.2.20/common/t-gettime.c:92:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (tbuf) != 15)
data/gnupg2-2.2.20/common/t-gettime.c:174:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (result && strlen (tbuf) != 15)
data/gnupg2-2.2.20/common/t-iobuf.c:92:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->len = strlen (buffer);
data/gnupg2-2.2.20/common/t-iobuf.c:145:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iobuf = iobuf_temp_with_content (content, strlen (content));
data/gnupg2-2.2.20/common/t-iobuf.c:158:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert (n == strlen (content) / 2);
data/gnupg2-2.2.20/common/t-iobuf.c:173:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iobuf = iobuf_temp_with_content (content, strlen (content));
data/gnupg2-2.2.20/common/t-iobuf.c:192:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert (n == 10 + (strlen (content) - 10) / 2);
data/gnupg2-2.2.20/common/t-iobuf.c:212:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iobuf = iobuf_temp_with_content (content, strlen(content));
data/gnupg2-2.2.20/common/t-iobuf.c:288:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iobuf = iobuf_temp_with_content (content, strlen(content));
data/gnupg2-2.2.20/common/t-iobuf.c:337:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rc = iobuf_write (iobuf, content, strlen (content));
data/gnupg2-2.2.20/common/t-iobuf.c:344:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rc = iobuf_write (iobuf, content2, strlen (content2) + 1);
data/gnupg2-2.2.20/common/t-iobuf.c:356:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert (n == strlen (content) + 2 * (strlen (content2) + 1));
data/gnupg2-2.2.20/common/t-iobuf.c:356:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert (n == strlen (content) + 2 * (strlen (content2) + 1));
data/gnupg2-2.2.20/common/t-iobuf.c:372:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iobuf = iobuf_temp_with_content (content, strlen (content));
data/gnupg2-2.2.20/common/t-name-value.c:258:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen (tests[i].value);
data/gnupg2-2.2.20/common/t-session-env.c:70:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      count += strlen (name) + 1;
data/gnupg2-2.2.20/common/t-session-env.c:74:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          count += strlen (assname) + 2;
data/gnupg2-2.2.20/common/t-ssh-utils.c:284:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				       strlen (sample_keys[idx].key),
data/gnupg2-2.2.20/common/t-ssh-utils.c:337:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen (sample_keys[idx].key));
data/gnupg2-2.2.20/common/t-stringhelp.c:86:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (buffer, "/");  /* Always "/".  */
data/gnupg2-2.2.20/common/t-stringhelp.c:347:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t homelen = home? strlen (home):0;
data/gnupg2-2.2.20/common/t-stringhelp.c:411:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (out) < homelen + 7)
data/gnupg2-2.2.20/common/t-stringhelp.c:430:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (out) < homelen + 3)
data/gnupg2-2.2.20/common/t-stringhelp.c:451:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t cwdlen = strlen (cwd);
data/gnupg2-2.2.20/common/t-stringhelp.c:456:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (out) < cwdlen + 7)
data/gnupg2-2.2.20/common/t-stringhelp.c:467:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (out) < cwdlen + 5)
data/gnupg2-2.2.20/common/t-stringhelp.c:478:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (out) < cwdlen)
data/gnupg2-2.2.20/common/t-stringhelp.c:843:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen (s) + 1;
data/gnupg2-2.2.20/common/ttyio.c:381:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if( max_n && (strlen( buf ) > max_n )) {
data/gnupg2-2.2.20/common/ttyio.c:472:13:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        c = getchar();
data/gnupg2-2.2.20/common/ttyio.c:530:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while( read(fileno(ttyfp), cbuf, 1) == 1 && *cbuf != '\n' ) {
data/gnupg2-2.2.20/common/ttyio.c:585:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf = xmalloc(line? strlen(line)+1:2);
data/gnupg2-2.2.20/common/ttyio.c:590:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (buf) > 2 )
data/gnupg2-2.2.20/common/userids.c:92:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*s && spacep (s + strlen(s) - 1))
data/gnupg2-2.2.20/common/utf8conv.c:196:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           aliases += strlen (aliases) + 1, aliases += strlen (aliases) + 1)
data/gnupg2-2.2.20/common/utf8conv.c:196:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           aliases += strlen (aliases) + 1, aliases += strlen (aliases) + 1)
data/gnupg2-2.2.20/common/utf8conv.c:200:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              newset = aliases + strlen (aliases) + 1;
data/gnupg2-2.2.20/common/utf8conv.c:229:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                mod = dot + strlen (dot);
data/gnupg2-2.2.20/common/utf8conv.c:243:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (newset) > 3 && !ascii_memcasecmp (newset, "iso", 3))
data/gnupg2-2.2.20/common/utf8conv.c:376:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      inbytes = strlen (string);
data/gnupg2-2.2.20/common/w32-reg.c:207:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          result = xtrymalloc (strlen (tmp)+1);
data/gnupg2-2.2.20/common/w32help.h:46:1:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
umask (int a)
data/gnupg2-2.2.20/common/xreadline.c:86:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while  ((c = getc (fp)) != EOF)
data/gnupg2-2.2.20/common/xreadline.c:93:38:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              while (c != '\n' && (c=getc (fp)) != EOF)
data/gnupg2-2.2.20/dirmngr/cdblib.c:456:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    do l = read(fd, buf, len);
data/gnupg2-2.2.20/dirmngr/cdblib.c:668:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (lseek(fd, pos, SEEK_SET) < 0 || read(fd, buf, 8) != 8)
data/gnupg2-2.2.20/dirmngr/cdblib.c:674:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd, buf, sizeof(buf)) != sizeof(buf))
data/gnupg2-2.2.20/dirmngr/cdblib.c:682:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd, buf, klen) != klen)
data/gnupg2-2.2.20/dirmngr/certcache.c:186:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (numbuf) + len + 2 );
data/gnupg2-2.2.20/dirmngr/certcache.c:387:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (p);
data/gnupg2-2.2.20/dirmngr/crlcache.c:595:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		  strncpy (entry->this_update, p, 15);
data/gnupg2-2.2.20/dirmngr/crlcache.c:599:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		  strncpy (entry->next_update, p, 15);
data/gnupg2-2.2.20/dirmngr/crlcache.c:673:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (entry->issuer_hash) != 40)
data/gnupg2-2.2.20/dirmngr/crlcache.c:694:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (entry->dbfile_hash) != 32)
data/gnupg2-2.2.20/dirmngr/crlcache.c:982:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (strlen (issuer_hash) == 40);
data/gnupg2-2.2.20/dirmngr/crlcache.c:1023:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gcry_md_write (md5, buffer, strlen (buffer));
data/gnupg2-2.2.20/dirmngr/crlcache.c:1056:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (md5hexvalue) != 32)
data/gnupg2-2.2.20/dirmngr/crlcache.c:1432:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (serialno)/2+1;
data/gnupg2-2.2.20/dirmngr/crlcache.c:1479:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gcry_md_hash_buffer (GCRY_MD_SHA1, issuerhash, tmp, strlen (tmp));
data/gnupg2-2.2.20/dirmngr/crlcache.c:1939:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length += strlen (p?p:s) + 1;
data/gnupg2-2.2.20/dirmngr/crlcache.c:2152:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  issuer_hash = hashify_data (issuer, strlen (issuer));
data/gnupg2-2.2.20/dirmngr/crlcache.c:2161:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  entry->release_ptr = xtrymalloc (strlen (issuer_hash) + 1
data/gnupg2-2.2.20/dirmngr/crlcache.c:2162:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   + strlen (issuer) + 1
data/gnupg2-2.2.20/dirmngr/crlcache.c:2163:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   + strlen (url) + 1
data/gnupg2-2.2.20/dirmngr/crlcache.c:2164:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   + strlen (checksum) + 1);
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:480:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ((c=getc (fp)) != EOF)
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:489:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if ((c = getc(fp)) == EOF)
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:492:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if ((c = getc(fp)) == EOF)
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:500:30:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                  while ( (c=getc (fp)) != EOF && c != '\n')
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:808:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line = xmalloc (8 + 6 + strlen (fname) * 3 + 1);
data/gnupg2-2.2.20/dirmngr/dirmngr-client.c:854:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line = xmalloc (10 + 6 + 13 + strlen (pattern)*3 + 1);
data/gnupg2-2.2.20/dirmngr/dirmngr.c:441:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (text);
data/gnupg2-2.2.20/dirmngr/dirmngr.c:893:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/dirmngr/dirmngr.c:893:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1646:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!*buffer || buffer[strlen(buffer)-1] != '\n')
data/gnupg2-2.2.20/dirmngr/dirmngr.c:1762:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/dirmngr/dirmngr.c:2122:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf.ev.len < strlen (name)+1)
data/gnupg2-2.2.20/dirmngr/dirmngr_ldap.c:532:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              size_t n = strlen (attr);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:299:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (tor_nameserver, ipaddr? ipaddr : DEFAULT_NAMESERVER,
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:580:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup)
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:584:15:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
              strcat (ld.resolv_conf->lookup, "b");
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:861:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*name == '[' && name[strlen(name)-1] == ']')
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:863:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          namebuf = xtrymalloc (strlen (name));
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:870:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          namebuf[strlen (namebuf)-1] = 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:918:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (**r_canonname && (*r_canonname)[strlen (*r_canonname)-1] == '.')
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:919:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (*r_canonname)[strlen (*r_canonname)-1] = 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1209:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (**r_name && (*r_name)[strlen (*r_name)-1] == '.')
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1210:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*r_name)[strlen (*r_name)-1] = 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1235:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat (buffer, "]");
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1282:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat (buffer, "]");
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1289:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = xtryrealloc (buffer, strlen (buffer)+1);
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1408:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = name? strlen (name) : 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1443:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (dns_d_anchor (host, sizeof host, name, strlen (name)) >= sizeof host)
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1872:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (dns_d_anchor (host, sizeof host, name, strlen (name)) >= sizeof host)
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1935:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*srv->target && (srv->target)[strlen (srv->target)-1] == '.')
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:1936:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (srv->target)[strlen (srv->target)-1] = 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2265:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!dns_d_cname (&cname, sizeof cname, name, strlen (name), ans, &derr))
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2279:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (**r_cname && (*r_cname)[strlen (*r_cname)-1] == '.')
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2280:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (*r_cname)[strlen (*r_cname)-1] = 0;
data/gnupg2-2.2.20/dirmngr/dns-stuff.c:2356:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *r_cname = xtryrealloc (cname, strlen (cname)+1);
data/gnupg2-2.2.20/dirmngr/dns.c:1519:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return dns_b_put(b, src, strlen(src));
data/gnupg2-2.2.20/dirmngr/dns.c:2339:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return dns_q_make2(Q, qname, strlen(qname), qtype, qclass, qflags);
data/gnupg2-2.2.20/dirmngr/dns.c:3488:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((error = dns_d_push(P, mx->host, strlen(mx->host))))
data/gnupg2-2.2.20/dirmngr/dns.c:3553:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((error = dns_d_push(P, ns->host, strlen(ns->host))))
data/gnupg2-2.2.20/dirmngr/dns.c:3666:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((error = dns_d_push(P, dn[i], strlen(dn[i]))))
data/gnupg2-2.2.20/dirmngr/dns.c:3816:78:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (0 == (len = dns_d_comp(&P->data[P->end], P->size - P->end, srv->target, strlen(srv->target), P, &error)))
data/gnupg2-2.2.20/dirmngr/dns.c:5148:24:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			while (EOF != (ch = fgetc(fp)) && ch != '\n') {
data/gnupg2-2.2.20/dirmngr/dns.c:5220:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		for (i = strlen(addr); i < INET_ADDRSTRLEN; i++)
data/gnupg2-2.2.20/dirmngr/dns.c:5240:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	dns_d_anchor(ent->host, sizeof ent->host, host, strlen(host));
data/gnupg2-2.2.20/dirmngr/dns.c:5381:83:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		dns_d_anchor(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
data/gnupg2-2.2.20/dirmngr/dns.c:5382:83:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		dns_d_cleave(resconf->search[0], sizeof resconf->search[0], resconf->search[0], strlen(resconf->search[0]));
data/gnupg2-2.2.20/dirmngr/dns.c:5614:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		while (EOF != (ch = getc(fp)) && ch != '\n') {
data/gnupg2-2.2.20/dirmngr/dns.c:5625:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
					ch	= getc(fp);
data/gnupg2-2.2.20/dirmngr/dns.c:5659:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i]));
data/gnupg2-2.2.20/dirmngr/dns.c:5908:7:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	ch = getc(fp);
data/gnupg2-2.2.20/dirmngr/dns.c:5918:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while (EOF != (ch = getc(fp))) {
data/gnupg2-2.2.20/dirmngr/dns.c:5937:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while (EOF != (ch = getc(fp))) {
data/gnupg2-2.2.20/dirmngr/dns.c:6172:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(resconf->lookup, lookup, sizeof resconf->lookup);
data/gnupg2-2.2.20/dirmngr/dns.c:6371:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (!dns_d_isanchored(dn, strlen(dn)))
data/gnupg2-2.2.20/dirmngr/dns.c:6867:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((error = dns_p_push(P, DNS_S_AUTHORITY, ".", strlen("."), DNS_T_NS, DNS_C_IN, 0, "hints.local.")))
data/gnupg2-2.2.20/dirmngr/dns.c:6879:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if ((error = dns_p_push(P, DNS_S_ADDITIONAL, "hints.local.", strlen("hints.local."), rtype, DNS_C_IN, 0, dns_sa_addr(af, sa, NULL))))
data/gnupg2-2.2.20/dirmngr/dns.c:7813:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			ulen = strlen(so->opts.socks_user);
data/gnupg2-2.2.20/dirmngr/dns.c:7814:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			plen = strlen(so->opts.socks_password);
data/gnupg2-2.2.20/dirmngr/dns.c:8482:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((error = dns_p_push(P, DNS_S_QD, qname, strlen(qname), qtype, DNS_C_IN, 0, 0)))
data/gnupg2-2.2.20/dirmngr/dns.c:9221:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((error = dns_p_push(F->answer, DNS_S_QD, R->qname, strlen(R->qname), R->qtype, R->qclass, 0, 0)))
data/gnupg2-2.2.20/dirmngr/dns.c:9347:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return dns_res_submit2(R, qname, strlen(qname), qtype, qclass);
data/gnupg2-2.2.20/dirmngr/dns.c:9735:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		clen	= strlen(cname);
data/gnupg2-2.2.20/dirmngr/dns.c:9954:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (!dns_d_cname(ai->cname, sizeof ai->cname, ai->g.name, strlen(ai->g.name), ai->glue, &error))
data/gnupg2-2.2.20/dirmngr/dns.c:10656:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *_name = dns_d_init(_p, sizeof _p, dn, strlen (dn), DNS_D_ANCHOR);
data/gnupg2-2.2.20/dirmngr/dns.c:10696:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	dn	= dns_d_init(_p, sizeof _p, dn, strlen (dn), DNS_D_ANCHOR);
data/gnupg2-2.2.20/dirmngr/dns.c:10700:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	} while (dns_d_cleave(dn, strlen(dn) + 1, dn, strlen(dn)));
data/gnupg2-2.2.20/dirmngr/dns.c:10700:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	} while (dns_d_cleave(dn, strlen(dn) + 1, dn, strlen(dn)));
data/gnupg2-2.2.20/dirmngr/dns.c:10710:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		dns_d_trim(name, sizeof name, *argv, strlen(*argv), DNS_D_ANCHOR);
data/gnupg2-2.2.20/dirmngr/dns.c:10867:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	while (dns_resconf_search(name, sizeof name, qname, strlen(qname), resconf(), &i))
data/gnupg2-2.2.20/dirmngr/dns.c:10967:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((error = dns_p_push(Q, DNS_S_QD, MAIN.qname, strlen(MAIN.qname), MAIN.qtype, DNS_C_IN, 0, 0)))
data/gnupg2-2.2.20/dirmngr/dns.c:11041:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((error = dns_p_push(query, DNS_S_QUESTION, who, strlen(who), DNS_T_A, DNS_C_IN, 0, 0)))
data/gnupg2-2.2.20/dirmngr/dns.c:11313:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		max = DNS_PP_MAX(max, strlen(type[i].name));
data/gnupg2-2.2.20/dirmngr/dns.c:11380:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strlen(cmds[i].cmd) > m)
data/gnupg2-2.2.20/dirmngr/dns.c:11381:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			m	= strlen(cmds[i].cmd);
data/gnupg2-2.2.20/dirmngr/dns.c:11387:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		for (n = strlen(cmds[i].cmd); n < m; n++)
data/gnupg2-2.2.20/dirmngr/domaininfo.c:162:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  di_new = xtrycalloc (1, sizeof *di + strlen (domain));
data/gnupg2-2.2.20/dirmngr/http-common.c:44:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      log_assert (result && strlen (result) > 3);
data/gnupg2-2.2.20/dirmngr/http.c:448:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read (sock->fd, buffer, size);
data/gnupg2-2.2.20/dirmngr/http.c:522:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (prefix) + (len+2)/3*4 + strlen (suffix) + 1);
data/gnupg2-2.2.20/dirmngr/http.c:522:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (prefix) + (len+2)/3*4 + strlen (suffix) + 1);
data/gnupg2-2.2.20/dirmngr/http.c:597:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
data/gnupg2-2.2.20/dirmngr/http.c:626:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
data/gnupg2-2.2.20/dirmngr/http.c:1279:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *ret_uri = xtrycalloc (1, sizeof **ret_uri + 2 * strlen (uri) + 1);
data/gnupg2-2.2.20/dirmngr/http.c:1283:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy ((*ret_uri)->buffer + strlen (uri) + 1, uri);
data/gnupg2-2.2.20/dirmngr/http.c:1284:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (*ret_uri)->original = (*ret_uri)->buffer + strlen (uri) + 1;
data/gnupg2-2.2.20/dirmngr/http.c:1341:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (uri->buffer);
data/gnupg2-2.2.20/dirmngr/http.c:1406:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              n = (p - uri->buffer) + strlen (p);
data/gnupg2-2.2.20/dirmngr/http.c:1452:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  if (n != strlen (uri->host))
data/gnupg2-2.2.20/dirmngr/http.c:1481:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (n != strlen (p))
data/gnupg2-2.2.20/dirmngr/http.c:1621:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return escape_data (buffer, string, strlen (string), special);
data/gnupg2-2.2.20/dirmngr/http.c:1682:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (n != strlen (p))
data/gnupg2-2.2.20/dirmngr/http.c:1690:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      tuple->value = p + strlen (p);
data/gnupg2-2.2.20/dirmngr/http.c:1825:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                   strlen (hd->session->servername));
data/gnupg2-2.2.20/dirmngr/http.c:1877:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            uri->auth, strlen(uri->auth));
data/gnupg2-2.2.20/dirmngr/http.c:2187:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                  myauth, strlen (myauth));
data/gnupg2-2.2.20/dirmngr/http.c:2388:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (line);
data/gnupg2-2.2.20/dirmngr/http.c:2403:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n += strlen (hd->headers->value);
data/gnupg2-2.2.20/dirmngr/http.c:2438:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h = xtrymalloc (sizeof *h + strlen (line));
data/gnupg2-2.2.20/dirmngr/http.c:2442:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->value = xtrymalloc (strlen (value)+1);
data/gnupg2-2.2.20/dirmngr/http.c:2578:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  (int)strlen(line)-(*line&&line[1]?2:0),line);
data/gnupg2-2.2.20/dirmngr/http.c:2666:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	  while ((c = getc (fp)) != EOF)
data/gnupg2-2.2.20/dirmngr/http.c:2970:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (serverlist->target, server, DIMof (struct srventry, target));
data/gnupg2-2.2.20/dirmngr/http.c:3088:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      nread = read (sock, buffer, size);
data/gnupg2-2.2.20/dirmngr/http.c:3574:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t subdomlen = strlen (subdom);
data/gnupg2-2.2.20/dirmngr/http.c:3703:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      newurl = xtrymalloc (strlen (origuri->original)
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:130:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hi = xtrymalloc (sizeof *hi + strlen (name));
data/gnupg2-2.2.20/dirmngr/ks-engine-hkp.c:1702:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (parm->datastring);
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:791:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (vals[0]) == 15)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:801:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (vals[0]) == 15)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1185:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if(vals && strlen (vals[0]) == 15)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1195:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (vals && strlen (vals[0]) == 15)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1226:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if(vals && strlen (vals[0]) == 15)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1478:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      size_t value_len = strlen (*ptr);
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1651:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (is_uid && strlen (keyid) == 0)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1654:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (keyid) == 16
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1751:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (create_time) == 0)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1799:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (expire_time) == 0)
data/gnupg2-2.2.20/dirmngr/ks-engine-ldap.c:1846:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (is_pub && strlen (uid) == 0)
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:130:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define add(s) do { if (s) len += strlen (s) + 1; } while (0)
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:176:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      puri->query->valuelen = strlen (password) + 1;
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:208:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (l == strlen (filter))
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:214:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *escaped = xmalloc (1 + 3 * strlen (filter));
data/gnupg2-2.2.20/dirmngr/ldap-parse-uri.c:220:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (filter_i = 0; filter_i < strlen (filter); filter_i ++)
data/gnupg2-2.2.20/dirmngr/ldap-url.c:326:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	slen = strlen( sep );
data/gnupg2-2.2.20/dirmngr/ldap-url.c:330:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len += strlen( *v ) + slen;
data/gnupg2-2.2.20/dirmngr/ldap-url.c:349:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy( p, sep, slen );
data/gnupg2-2.2.20/dirmngr/ldap-url.c:353:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen( *v );
data/gnupg2-2.2.20/dirmngr/ldap-url.c:354:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy( p, *v, len );
data/gnupg2-2.2.20/dirmngr/ldap-url.c:551:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		p = &url[strlen(url)-1];
data/gnupg2-2.2.20/dirmngr/ldap-wrapper.c:224:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (line);
data/gnupg2-2.2.20/dirmngr/ldap.c:335:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	result = xmalloc (sizeof *result + 5 + strlen (pattern));
data/gnupg2-2.2.20/dirmngr/ldap.c:352:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          result = xmalloc (sizeof *result + strlen (pattern));
data/gnupg2-2.2.20/dirmngr/ldap.c:378:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              + strlen (format) + 3 * strlen (pattern));
data/gnupg2-2.2.20/dirmngr/ldap.c:378:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              + strlen (format) + 3 * strlen (pattern));
data/gnupg2-2.2.20/dirmngr/ldapserver.c:40:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset (servers->pass, 0, strlen (servers->pass));
data/gnupg2-2.2.20/dirmngr/misc.c:213:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sprintf (buf+strlen(buf), "%02X", digest[i]);
data/gnupg2-2.2.20/dirmngr/misc.c:247:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sprintf (buf+strlen(buf), "%02X:", digest[i]);
data/gnupg2-2.2.20/dirmngr/misc.c:248:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf)-1] = 0; /* Remove railing colon. */
data/gnupg2-2.2.20/dirmngr/misc.c:287:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          log_printhex (NULL, string, strlen (string));
data/gnupg2-2.2.20/dirmngr/misc.c:526:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      || n != strlen (buf) )
data/gnupg2-2.2.20/dirmngr/ocsp.c:461:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (algo && s && strlen (s) < 16)
data/gnupg2-2.2.20/dirmngr/server.c:744:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
data/gnupg2-2.2.20/dirmngr/server.c:764:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          gcry_md_hash_buffer (GCRY_MD_SHA256, hashbuf, mbox, strlen (mbox));
data/gnupg2-2.2.20/dirmngr/server.c:943:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      domainlen = strlen (domain);
data/gnupg2-2.2.20/dirmngr/server.c:948:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          targetlen = strlen (srvs[i].target);
data/gnupg2-2.2.20/dirmngr/server.c:974:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, mbox, strlen (mbox));
data/gnupg2-2.2.20/dirmngr/server.c:1227:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (issuerhash) != 40)
data/gnupg2-2.2.20/dirmngr/server.c:1241:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (fpr) != 40)
data/gnupg2-2.2.20/dirmngr/server.c:1595:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/dirmngr/server.c:1839:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf = xtrymalloc (strlen (line)+1);
data/gnupg2-2.2.20/dirmngr/server.c:2102:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item = xtrymalloc (sizeof *item + strlen (uri));
data/gnupg2-2.2.20/dirmngr/server.c:2370:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/dirmngr/server.c:2437:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/dirmngr/server.c:2625:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/dirmngr/server.c:2630:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/dirmngr/server.c:2635:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/dirmngr/server.c:2640:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/dirmngr/server.c:2696:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            err = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/dirmngr/t-http.c:184:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (srcdir) + 1 + strlen (fname) + 1);
data/gnupg2-2.2.20/dirmngr/t-http.c:184:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (srcdir) + 1 + strlen (fname) + 1);
data/gnupg2-2.2.20/dirmngr/t-http.c:186:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat (result, "/");
data/gnupg2-2.2.20/dirmngr/t-http.c:406:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (r->value) != r->valuelen)
data/gnupg2-2.2.20/dirmngr/t-http.c:417:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (r->value) != r->valuelen)
data/gnupg2-2.2.20/dirmngr/validate.c:194:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (p[strlen (allowed[idx])] != ':')
data/gnupg2-2.2.20/dirmngr/workqueue.c:75:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          item->args, strlen (item->args) > 100? "[...]":"");
data/gnupg2-2.2.20/dirmngr/workqueue.c:98:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item = xtrycalloc (1, sizeof *item + strlen (args));
data/gnupg2-2.2.20/dirmngr/workqueue.c:129:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              item->args, strlen (item->args) > 100? "[...]":"");
data/gnupg2-2.2.20/doc/mkdefsinc.c:91:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = xmalloc (strlen (string)+1);
data/gnupg2-2.2.20/doc/mkdefsinc.c:238:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*opt_date == '2' && strlen (opt_date) >= 10
data/gnupg2-2.2.20/doc/mkdefsinc.c:287:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (opt_date) + strlen (month) + 2 + 1;
data/gnupg2-2.2.20/doc/mkdefsinc.c:287:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (opt_date) + strlen (month) + 2 + 1;
data/gnupg2-2.2.20/doc/yat2m.c:337:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  void *p = malloc (strlen (string)+1);
data/gnupg2-2.2.20/doc/yat2m.c:394:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      m = xcalloc (1, sizeof *m + strlen (name));
data/gnupg2-2.2.20/doc/yat2m.c:417:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      m = xcalloc (1, sizeof *m + strlen (macroname));
data/gnupg2-2.2.20/doc/yat2m.c:454:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      m = xcalloc (1, sizeof *m + strlen (nameandvalue));
data/gnupg2-2.2.20/doc/yat2m.c:545:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cond = xcalloc (1, sizeof *cond + strlen (name));
data/gnupg2-2.2.20/doc/yat2m.c:651:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n1 = strlen (lb->line);
data/gnupg2-2.2.20/doc/yat2m.c:652:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = n1 + 1 + strlen (line) + 1;
data/gnupg2-2.2.20/doc/yat2m.c:654:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (lb->line+n1, "\n");
data/gnupg2-2.2.20/doc/yat2m.c:866:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    if (strlen (m->name) == len
data/gnupg2-2.2.20/doc/yat2m.c:890:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          proc_texi_buffer (fp, m->value, strlen (m->value),
data/gnupg2-2.2.20/doc/yat2m.c:1026:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  proc_texi_buffer (fp, line, strlen (line), table_level, &eol_action);
data/gnupg2-2.2.20/doc/yat2m.c:1179:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t n = strlen (line);
data/gnupg2-2.2.20/doc/yat2m.c:1240:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (macrovalueused + strlen (line) + 2 >= macrovaluesize)
data/gnupg2-2.2.20/doc/yat2m.c:1242:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  macrovaluesize += strlen (line) + 256;
data/gnupg2-2.2.20/doc/yat2m.c:1246:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              macrovalueused += strlen (line);
data/gnupg2-2.2.20/doc/yat2m.c:1407:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  incname = xmalloc (strlen (opt_include) + 1
data/gnupg2-2.2.20/doc/yat2m.c:1408:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     + strlen (p) + 1);
data/gnupg2-2.2.20/doc/yat2m.c:1410:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  if ( incname[strlen (incname)-1] != '/' )
data/gnupg2-2.2.20/doc/yat2m.c:1411:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat (incname, "/");
data/gnupg2-2.2.20/g10/armor.c:319:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( strlen(line) < 6  || strlen(line) > 60 )
data/gnupg2-2.2.20/g10/armor.c:319:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( strlen(line) < 6  || strlen(line) > 60 )
data/gnupg2-2.2.20/g10/armor.c:482:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if( strlen(line) > 15 && !memcmp( line, "NotDashEscaped:", 15 ) )
data/gnupg2-2.2.20/g10/build-packet.c:387:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        namelen = strlen (rt->url);
data/gnupg2-2.2.20/g10/call-agent.c:155:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          err = assuan_send_data (parm->ctx, s, strlen (s));
data/gnupg2-2.2.20/g10/call-agent.c:175:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            err = assuan_send_data (parm->ctx, pw, strlen (pw));
data/gnupg2-2.2.20/g10/call-agent.c:525:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      parm->is_v2 = (strlen (parm->serialno) >= 16
data/gnupg2-2.2.20/g10/call-agent.c:998:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (12 + strlen (name) > DIM(line)-1)
data/gnupg2-2.2.20/g10/call-agent.c:1051:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (12 + strlen (name) > DIM(line)-1)
data/gnupg2-2.2.20/g10/call-agent.c:1087:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (12 + strlen (name) > DIM(line)-1)
data/gnupg2-2.2.20/g10/call-agent.c:1836:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/g10/call-agent.c:1907:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              parm->keyparms, strlen (parm->keyparms));
data/gnupg2-2.2.20/g10/call-agent.c:1912:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              parm->passphrase,  strlen (parm->passphrase));
data/gnupg2-2.2.20/g10/call-agent.c:2105:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bin2hex (digest, digestlen, line + strlen (line));
data/gnupg2-2.2.20/g10/call-agent.c:2204:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!keygrip || strlen(keygrip) != 40
data/gnupg2-2.2.20/g10/call-agent.c:2507:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/g10/call-agent.c:2553:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/g10/call-dirmngr.c:809:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/g10/call-dirmngr.c:901:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int len = strlen (userid);
data/gnupg2-2.2.20/g10/call-dirmngr.c:1174:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (!hex2str (buf, buf, strlen (buf)+1, &nbytes))
data/gnupg2-2.2.20/g10/call-dirmngr.c:1248:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/g10/call-dirmngr.c:1328:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/g10/call-dirmngr.c:1394:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/g10/card-util.c:142:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen (answer) != 1)
data/gnupg2-2.2.20/g10/card-util.c:295:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        print_utf8_buffer2 (fp, name, strlen (name), '\n');
data/gnupg2-2.2.20/g10/card-util.c:297:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tty_print_utf8_string2 (NULL, name, strlen (name), 0);
data/gnupg2-2.2.20/g10/card-util.c:326:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            es_write_sanitized (fp, given, strlen (given), ":", NULL);
data/gnupg2-2.2.20/g10/card-util.c:328:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            print_utf8_buffer2 (fp, given, strlen (given), '\n');
data/gnupg2-2.2.20/g10/card-util.c:330:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tty_print_utf8_string2 (NULL, given, strlen (given), 0);
data/gnupg2-2.2.20/g10/card-util.c:339:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        es_write_sanitized (fp, buf, strlen (buf), ":", NULL);
data/gnupg2-2.2.20/g10/card-util.c:341:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        print_utf8_buffer2 (fp, buf, strlen (buf), '\n');
data/gnupg2-2.2.20/g10/card-util.c:343:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tty_print_utf8_string2 (NULL, buf, strlen (buf), 0);
data/gnupg2-2.2.20/g10/card-util.c:421:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      || strlen (info.serialno) != 32 )
data/gnupg2-2.2.20/g10/card-util.c:467:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (info.serialno)+1 > serialnobuflen)
data/gnupg2-2.2.20/g10/card-util.c:489:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        es_write_sanitized (fp, info.disp_lang, strlen (info.disp_lang),
data/gnupg2-2.2.20/g10/card-util.c:498:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        es_write_sanitized (fp, info.pubkey_url, strlen (info.pubkey_url),
data/gnupg2-2.2.20/g10/card-util.c:504:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        es_write_sanitized (fp, info.login_data, strlen (info.login_data),
data/gnupg2-2.2.20/g10/card-util.c:543:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                  strlen (info.private_do[i]), ":", NULL);
data/gnupg2-2.2.20/g10/card-util.c:817:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  isoname = xmalloc ( strlen (surname) + 2 + strlen (givenname) + 1);
data/gnupg2-2.2.20/g10/card-util.c:817:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  isoname = xmalloc ( strlen (surname) + 2 + strlen (givenname) + 1);
data/gnupg2-2.2.20/g10/card-util.c:825:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (isoname) > 39 )
data/gnupg2-2.2.20/g10/card-util.c:833:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = agent_scd_setattr ("DISP-NAME", isoname, strlen (isoname));
data/gnupg2-2.2.20/g10/card-util.c:854:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = agent_scd_setattr ("PUBKEY-URL", url, strlen (url));
data/gnupg2-2.2.20/g10/card-util.c:1007:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (data);
data/gnupg2-2.2.20/g10/card-util.c:1045:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (data);
data/gnupg2-2.2.20/g10/card-util.c:1131:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (data) > 8 || (strlen (data) & 1))
data/gnupg2-2.2.20/g10/card-util.c:1131:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (data) > 8 || (strlen (data) & 1))
data/gnupg2-2.2.20/g10/card-util.c:1147:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = agent_scd_setattr ("DISP-LANG", data, strlen (data));
data/gnupg2-2.2.20/g10/card-util.c:1271:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      || strlen (info->serialno) != 32 )
data/gnupg2-2.2.20/g10/card-util.c:1582:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  err = agent_scd_setattr ("KEY-ATTR", args, strlen (args));
data/gnupg2-2.2.20/g10/card-util.c:2083:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  err = gcry_kdf_derive (USER_PIN_DEFAULT, strlen (USER_PIN_DEFAULT),
data/gnupg2-2.2.20/g10/card-util.c:2091:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = gcry_kdf_derive (ADMIN_PIN_DEFAULT, strlen (ADMIN_PIN_DEFAULT),
data/gnupg2-2.2.20/g10/card-util.c:2213:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len=strlen(text);
data/gnupg2-2.2.20/g10/card-util.c:2376:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              char *tmp = xmalloc (strlen (serialnobuf) + 6 + 1);
data/gnupg2-2.2.20/g10/cpr.c:321:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              count += strlen (string);
data/gnupg2-2.2.20/g10/cpr.c:323:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (*string && string[strlen (string)-1] != ' ')
data/gnupg2-2.2.20/g10/cpr.c:392:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              buflen += strlen (buf+buflen);
data/gnupg2-2.2.20/g10/cpr.c:408:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      rc = read( fd, buf, count );
data/gnupg2-2.2.20/g10/decrypt.c:210:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/g10/decrypt.c:214:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  line[strlen(line)-1] = '\0';
data/gnupg2-2.2.20/g10/encrypt.c:997:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/g10/encrypt.c:1002:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          line[strlen(line)-1] = '\0';
data/gnupg2-2.2.20/g10/exec.c:183:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p=xmalloc(5+strlen(path)+1);
data/gnupg2-2.2.20/g10/exec.c:225:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  int len=strlen(tmp);
data/gnupg2-2.2.20/g10/exec.c:252:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info->tempdir=xmalloc(strlen(tmp)+strlen(DIRSEP_S)+10+1);
data/gnupg2-2.2.20/g10/exec.c:252:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info->tempdir=xmalloc(strlen(tmp)+strlen(DIRSEP_S)+10+1);
data/gnupg2-2.2.20/g10/exec.c:267:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      info->tempfile_in=xmalloc(strlen(info->tempdir)+
data/gnupg2-2.2.20/g10/exec.c:268:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				strlen(DIRSEP_S)+strlen(namein)+1);
data/gnupg2-2.2.20/g10/exec.c:268:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				strlen(DIRSEP_S)+strlen(namein)+1);
data/gnupg2-2.2.20/g10/exec.c:273:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  info->tempfile_out=xmalloc(strlen(info->tempdir)+
data/gnupg2-2.2.20/g10/exec.c:274:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				     strlen(DIRSEP_S)+strlen(nameout)+1);
data/gnupg2-2.2.20/g10/exec.c:274:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				     strlen(DIRSEP_S)+strlen(nameout)+1);
data/gnupg2-2.2.20/g10/export.c:1529:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
data/gnupg2-2.2.20/g10/export.c:1537:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          len = strlen (hexfpr)/2;
data/gnupg2-2.2.20/g10/export.c:1547:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          gcry_md_hash_buffer (GCRY_MD_SHA256, hashbuf, mbox, strlen (mbox));
data/gnupg2-2.2.20/g10/export.c:1556:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          len = strlen (hexdata)/2;
data/gnupg2-2.2.20/g10/export.c:1561:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (s) < 64)
data/gnupg2-2.2.20/g10/export.c:2152:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ulongtobuf (nbuf, (ulong)strlen (identifier));
data/gnupg2-2.2.20/g10/export.c:2157:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ulongtobuf (nbuf, (ulong)strlen (identifier+11));
data/gnupg2-2.2.20/g10/free-packet.c:241:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pka_info_t *d = xmalloc (sizeof *s + strlen (s->email));
data/gnupg2-2.2.20/g10/getkey.c:286:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *uidlen = strlen (s);
data/gnupg2-2.2.20/g10/getkey.c:1036:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!is_mbox && *name == '<' && name[1] && name[strlen(name)-1]=='>'
data/gnupg2-2.2.20/g10/getkey.c:1038:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      && is_valid_mailbox_mem (name+1, strlen (name)-2))
data/gnupg2-2.2.20/g10/getkey.c:1468:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!is_mbox && *name == '<' && name[1] && name[strlen(name)-1]=='>'
data/gnupg2-2.2.20/g10/getkey.c:1470:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      && is_valid_mailbox_mem (name+1, strlen (name)-2))
data/gnupg2-2.2.20/g10/getkey.c:3886:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      || (def_secret_key && def_secret_key[strlen (def_secret_key)-1] == '!'))
data/gnupg2-2.2.20/g10/getkey.c:3972:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        *r_len = strlen (p);
data/gnupg2-2.2.20/g10/getkey.c:3992:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *r_len = strlen (p);
data/gnupg2-2.2.20/g10/getkey.c:4001:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *p2 = utf8_to_native (p, strlen (p), 0);
data/gnupg2-2.2.20/g10/getkey.c:4070:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *rn = strlen (p);
data/gnupg2-2.2.20/g10/gpg.c:997:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/g10/gpg.c:997:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/g10/gpg.c:1184:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return xrealloc (string, strlen (string)+1);
data/gnupg2-2.2.20/g10/gpg.c:1402:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trim_trailing_ws(name,strlen(name));
data/gnupg2-2.2.20/g10/gpg.c:1432:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trim_trailing_ws(name,strlen(name));
data/gnupg2-2.2.20/g10/gpg.c:1496:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            strlen (gnupg_homedir ())))
data/gnupg2-2.2.20/g10/gpg.c:1724:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      es_write_sanitized (es_stdout, giter->name, strlen(giter->name),
data/gnupg2-2.2.20/g10/gpg.c:1730:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  es_write_sanitized (es_stdout, sl->d, strlen (sl->d),
data/gnupg2-2.2.20/g10/gpg.c:1745:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  es_write_sanitized (es_stdout, VERSION, strlen(VERSION), ":", NULL);
data/gnupg2-2.2.20/g10/gpg.c:2041:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len+=strlen(argv[i])+2;
data/gnupg2-2.2.20/g10/gpg.c:2049:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(str," ");
data/gnupg2-2.2.20/g10/gpg.c:2229:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *ver = &name[strlen (GPG_NAME EXTSEP_S "conf-")];
data/gnupg2-2.2.20/g10/gpg.c:2464:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *d, *buf = xmalloc (strlen (gnupg_homedir ())+1);
data/gnupg2-2.2.20/g10/gpg.c:3174:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  compress_algo_string=xmalloc(strlen(pargs.r.ret_str)+2);
data/gnupg2-2.2.20/g10/gpg.c:3175:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		  strcpy(compress_algo_string,"Z");
data/gnupg2-2.2.20/g10/gpg.c:3584:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              size_t len = strlen (pargs.r.ret_str);
data/gnupg2-2.2.20/g10/gpg.c:4253:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		sl = xmalloc_clear( sizeof *sl + strlen(fname));
data/gnupg2-2.2.20/g10/gpg.c:4269:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sl = xmalloc_clear( sizeof *sl + strlen(fname));
data/gnupg2-2.2.20/g10/gpg.c:4297:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		sl = xmalloc_clear( sizeof *sl + strlen(fname));
data/gnupg2-2.2.20/g10/gpg.c:5448:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0;i<strlen(string);i++)
data/gnupg2-2.2.20/g10/gpg.c:5452:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(i==0 || i<strlen(string))
data/gnupg2-2.2.20/g10/gpg.c:5481:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0;i<strlen(string);i++)
data/gnupg2-2.2.20/g10/gpg.c:5485:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(i==0 || i<strlen(string))
data/gnupg2-2.2.20/g10/gpg.c:5527:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read (fd, line + i, 1) != 1 || line[i] == '\n')
data/gnupg2-2.2.20/g10/gpgcompose.c:157:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (p) % 2 != 0)
data/gnupg2-2.2.20/g10/gpgcompose.c:161:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sk.keylen = strlen (p) / 2;
data/gnupg2-2.2.20/g10/gpgcompose.c:257:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int l = strlen (option);
data/gnupg2-2.2.20/g10/gpgcompose.c:284:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          l = strlen (o);
data/gnupg2-2.2.20/g10/gpgcompose.c:328:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            newline = &p[strlen (p)];
data/gnupg2-2.2.20/g10/gpgcompose.c:548:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen (argv[0]);
data/gnupg2-2.2.20/g10/gpgcompose.c:1321:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          data_len = strlen (data);
data/gnupg2-2.2.20/g10/gpgcompose.c:1356:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen (p); i ++)
data/gnupg2-2.2.20/g10/gpgcompose.c:1360:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (p) % 2 != 0)
data/gnupg2-2.2.20/g10/gpgcompose.c:1364:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen (p) / 2;
data/gnupg2-2.2.20/g10/gpgcompose.c:1613:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      si->trust_scope, strlen (si->trust_scope));
data/gnupg2-2.2.20/g10/gpgcompose.c:1645:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      si->key_server, strlen (si->key_server));
data/gnupg2-2.2.20/g10/gpgcompose.c:1655:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      si->policy_uri, strlen (si->policy_uri));
data/gnupg2-2.2.20/g10/gpgcompose.c:1663:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      si->signers_user_id, strlen (si->signers_user_id));
data/gnupg2-2.2.20/g10/gpgcompose.c:1667:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int len = 1 + strlen (si->reason_for_revocation);
data/gnupg2-2.2.20/g10/gpgcompose.c:2039:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (p) != 16)
data/gnupg2-2.2.20/g10/gpgcompose.c:2041:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               option, strlen (p));
data/gnupg2-2.2.20/g10/gpgcompose.c:2264:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  err = gcry_kdf_derive (si.password, strlen (si.password),
data/gnupg2-2.2.20/g10/gpgcompose.c:2755:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (argv[0]) > 255)
data/gnupg2-2.2.20/g10/gpgcompose.c:2757:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               option, strlen (argv[0]));
data/gnupg2-2.2.20/g10/gpgcompose.c:2804:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt = xmalloc_clear (sizeof (*pt) + (li.name ? strlen (li.name) : 0));
data/gnupg2-2.2.20/g10/gpgcompose.c:2821:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pt->namelen = strlen (pt->name);
data/gnupg2-2.2.20/g10/gpgcompose.c:2864:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pt->len += strlen (data->data);
data/gnupg2-2.2.20/g10/gpgcompose.c:2899:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          err = iobuf_write (out, data->data, strlen (data->data));
data/gnupg2-2.2.20/g10/gpgsql.c:232:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t l = strlen (e) + 1;
data/gnupg2-2.2.20/g10/gpgsql.c:243:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t l = strlen (e) + 1;
data/gnupg2-2.2.20/g10/gpgv.c:128:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/g10/gpgv.c:128:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/g10/helptext.c:42:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key = xtrymalloc (4 + strlen (keyword) + 1);
data/gnupg2-2.2.20/g10/helptext.c:50:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          char *tmp = utf8_to_native (result, strlen (result), -1);
data/gnupg2-2.2.20/g10/helptext.c:76:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*result && result[strlen (result)-1] == '\n')
data/gnupg2-2.2.20/g10/import.c:1236:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf + strlen (buf);
data/gnupg2-2.2.20/g10/import.c:1287:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  char *user = utf8_to_native(uid->name,strlen(uid->name),0);
data/gnupg2-2.2.20/g10/import.c:3551:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                         strlen (unode->pkt->pkt.user_id->name),0);
data/gnupg2-2.2.20/g10/keydb.c:416:13:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  oldmask = umask (077);
data/gnupg2-2.2.20/g10/keydb.c:424:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  umask (oldmask);
data/gnupg2-2.2.20/g10/keydb.c:578:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               ? strlen (desc->sn) : desc->snlen),
data/gnupg2-2.2.20/g10/keydb.c:583:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               ? strlen (desc->sn) : desc->snlen),
data/gnupg2-2.2.20/g10/keydb.c:661:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (resname) > 11 && !strncmp( resname, "gnupg-ring:", 11) )
data/gnupg2-2.2.20/g10/keydb.c:666:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (resname) > 10 && !strncmp (resname, "gnupg-kbx:", 10) )
data/gnupg2-2.2.20/g10/keydb.c:707:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      filenamelen = strlen (filename);
data/gnupg2-2.2.20/g10/keyedit.c:176:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			    sig->trust_regexp, strlen (sig->trust_regexp),
data/gnupg2-2.2.20/g10/keyedit.c:366:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			  strlen (attrib->trust_regexp) + 1);
data/gnupg2-2.2.20/g10/keyedit.c:433:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (p) > 0)
data/gnupg2-2.2.20/g10/keyedit.c:445:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ind = strlen (*regexp);
data/gnupg2-2.2.20/g10/keyedit.c:1367:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen (text);
data/gnupg2-2.2.20/g10/keyedit.c:1549:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  size_t l = strlen (cmds[i].name);
data/gnupg2-2.2.20/g10/keyedit.c:1550:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  size_t a = strlen (answer);
data/gnupg2-2.2.20/g10/keyedit.c:1614:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  if (strlen (arg_string) == NAMEHASH_LEN * 2)
data/gnupg2-2.2.20/g10/keyedit.c:2434:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  revlen = strlen (uidtorev);
data/gnupg2-2.2.20/g10/keyedit.c:2506:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  primaryuidlen = strlen (primaryuid);
data/gnupg2-2.2.20/g10/keyedit.c:2692:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       && strlen (name+1) == uid->len
data/gnupg2-2.2.20/g10/keyedit.c:3012:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      tty_print_utf8_string (nd->name, strlen (nd->name));
data/gnupg2-2.2.20/g10/keyedit.c:3014:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      tty_print_utf8_string (nd->value, strlen (nd->value));
data/gnupg2-2.2.20/g10/keyedit.c:3164:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      tty_print_notations (5 + strlen (_("Notations: ")), selfsig);
data/gnupg2-2.2.20/g10/keyedit.c:3571:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (serialno) == 32
data/gnupg2-2.2.20/g10/keyedit.c:3626:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		      int width = 14 - strlen (otrust);
data/gnupg2-2.2.20/g10/keyedit.c:4830:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    utf8_to_native (uid->name, strlen (uid->name), 0);
data/gnupg2-2.2.20/g10/keyedit.c:4944:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    utf8_to_native (uid->name, strlen (uid->name), 0);
data/gnupg2-2.2.20/g10/keyedit.c:5057:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      char *user = utf8_to_native (uid->name, strlen (uid->name), 0);
data/gnupg2-2.2.20/g10/keyedit.c:5195:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      char *user = utf8_to_native (uid->name, strlen (uid->name), 0);
data/gnupg2-2.2.20/g10/keyedit.c:5397:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  log_assert (strlen (namehash) == NAMEHASH_LEN * 2);
data/gnupg2-2.2.20/g10/keyedit.c:5441:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  is_hex_digits = p && strlen (p) >= 8;
data/gnupg2-2.2.20/g10/keyedit.c:5473:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen (p) == 8
data/gnupg2-2.2.20/g10/keyedit.c:5475:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           || strlen (p) == 16
data/gnupg2-2.2.20/g10/keyedit.c:5478:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           || strlen (p) >= 32);
data/gnupg2-2.2.20/g10/keyedit.c:5490:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen (p) == 8 || strlen (p) == 16)
data/gnupg2-2.2.20/g10/keyedit.c:5490:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen (p) == 8 || strlen (p) == 16)
data/gnupg2-2.2.20/g10/keyedit.c:5495:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                format_keyid (kid, strlen (p) == 8 ? KF_SHORT : KF_LONG,
data/gnupg2-2.2.20/g10/keygen.c:185:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = xmalloc (MAX_FINGERPRINT_LEN*2+31 + strlen (handle) + 1);
data/gnupg2-2.2.20/g10/keygen.c:225:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (s);
data/gnupg2-2.2.20/g10/keygen.c:449:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (*dummy_string && dummy_string[strlen (dummy_string)-1] == ' ')
data/gnupg2-2.2.20/g10/keygen.c:450:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              dummy_string[strlen (dummy_string)-1] = 0;
data/gnupg2-2.2.20/g10/keygen.c:458:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(string))
data/gnupg2-2.2.20/g10/keygen.c:785:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    build_sig_subpkt(sig,SIGSUBPKT_PREF_KS,url,strlen(url));
data/gnupg2-2.2.20/g10/keygen.c:808:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	n1=strlen(notation->name);
data/gnupg2-2.2.20/g10/keygen.c:810:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  n2=strlen(notation->altvalue);
data/gnupg2-2.2.20/g10/keygen.c:814:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  n2=strlen(notation->value);
data/gnupg2-2.2.20/g10/keygen.c:1460:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen (nbitsstr), nbitsstr,
data/gnupg2-2.2.20/g10/keygen.c:1548:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen (nbitsstr), nbitsstr,
data/gnupg2-2.2.20/g10/keygen.c:1549:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen (qbitsstr), qbitsstr,
data/gnupg2-2.2.20/g10/keygen.c:1600:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       strlen (curve), curve,
data/gnupg2-2.2.20/g10/keygen.c:1607:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       strlen (curve), curve,
data/gnupg2-2.2.20/g10/keygen.c:1614:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       strlen (curve), curve,
data/gnupg2-2.2.20/g10/keygen.c:1672:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen (nbitsstr), nbitsstr,
data/gnupg2-2.2.20/g10/keygen.c:1758:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen(togglers) != 8 )
data/gnupg2-2.2.20/g10/keygen.c:1833:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (strlen(answer)>1)
data/gnupg2-2.2.20/g10/keygen.c:2079:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (answer) != 40 &&
data/gnupg2-2.2.20/g10/keygen.c:2080:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       !(answer[0] == '&' && strlen (answer+1) == 40))
data/gnupg2-2.2.20/g10/keygen.c:2713:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (string);
data/gnupg2-2.2.20/g10/keygen.c:2807:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		else if (*aname && strlen (aname) < 5)
data/gnupg2-2.2.20/g10/keygen.c:2853:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	uid = p = xmalloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
data/gnupg2-2.2.20/g10/keygen.c:2853:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	uid = p = xmalloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
data/gnupg2-2.2.20/g10/keygen.c:2853:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	uid = p = xmalloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
data/gnupg2-2.2.20/g10/keygen.c:2914:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if( strlen(ansstr) != 10 )
data/gnupg2-2.2.20/g10/keygen.c:2932:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if( strlen(answer) > 1 )
data/gnupg2-2.2.20/g10/keygen.c:3094:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (string) >= 3 && (digitp (string+3) || !string[3]))
data/gnupg2-2.2.20/g10/keygen.c:3536:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        wipememory (r->u.value, strlen (r->u.value));
data/gnupg2-2.2.20/g10/keygen.c:3876:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
data/gnupg2-2.2.20/g10/keygen.c:3876:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
data/gnupg2-2.2.20/g10/keygen.c:3876:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
data/gnupg2-2.2.20/g10/keygen.c:4063:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    trim_trailing_ws( value, strlen(value) );
data/gnupg2-2.2.20/g10/keygen.c:4117:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	trim_trailing_ws( value, strlen(value) );
data/gnupg2-2.2.20/g10/keygen.c:4150:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	r = xmalloc_clear( sizeof *r + strlen( value ) );
data/gnupg2-2.2.20/g10/keygen.c:4215:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xmalloc_clear (sizeof *r + strlen (keygrip));
data/gnupg2-2.2.20/g10/keygen.c:4223:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xmalloc_clear (sizeof *r + strlen (curve));
data/gnupg2-2.2.20/g10/keygen.c:4264:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = xmalloc_clear (sizeof *r + strlen (uid));
data/gnupg2-2.2.20/g10/keygen.c:4413:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xmalloc_clear (sizeof *r + strlen (s));
data/gnupg2-2.2.20/g10/keygen.c:4486:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xcalloc (1, sizeof *r + strlen (card_serialno) );
data/gnupg2-2.2.20/g10/keygen.c:4525:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          r = xcalloc (1, sizeof *r + strlen (info.key_attr[1].curve));
data/gnupg2-2.2.20/g10/keygen.c:4542:11:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
          strcpy (r->u.value, "1");
data/gnupg2-2.2.20/g10/keygen.c:4601:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  r = xmalloc_clear (sizeof *r + strlen (curve));
data/gnupg2-2.2.20/g10/keygen.c:4649:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  r = xmalloc_clear (sizeof *r + strlen (curve));
data/gnupg2-2.2.20/g10/keygen.c:4665:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  r = xmalloc_clear (sizeof *r + strlen (curve));
data/gnupg2-2.2.20/g10/keygen.c:4770:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = xcalloc (1, sizeof *r + strlen (uid));
data/gnupg2-2.2.20/g10/keygen.c:4814:13:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  oldmask = umask (077);
data/gnupg2-2.2.20/g10/keygen.c:4822:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  umask (oldmask);
data/gnupg2-2.2.20/g10/keygen.c:4855:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                    fname, strlen (fname), 0);
data/gnupg2-2.2.20/g10/keygen.c:5276:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (algostr && *algostr == '&' && strlen (algostr) == 41)
data/gnupg2-2.2.20/g10/keygen.c:5565:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  para = xtrycalloc (1, sizeof *para + strlen (serialno) );
data/gnupg2-2.2.20/g10/keyid.c:429:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p = buffer + strlen (buffer);
data/gnupg2-2.2.20/g10/keyid.c:828:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hexlen = strlen (fingerprint);
data/gnupg2-2.2.20/g10/keylist.c:270:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (serialno) == 32
data/gnupg2-2.2.20/g10/keylist.c:435:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      tty_print_utf8_string2 (fp, nd->name, strlen (nd->name), 0);
data/gnupg2-2.2.20/g10/keylist.c:437:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      tty_print_utf8_string2 (fp, nd->value, strlen (nd->value), 0);
data/gnupg2-2.2.20/g10/keylist.c:450:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			       nd->name, strlen (nd->name), 0);
data/gnupg2-2.2.20/g10/keylist.c:456:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			       nd->value, strlen (nd->value), 50);
data/gnupg2-2.2.20/g10/keylist.c:558:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  for (i = strlen (resname); i; i--)
data/gnupg2-2.2.20/g10/keylist.c:646:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              for (i = strlen (resname) + strlen (keyring_str) + 2; i; i--)
data/gnupg2-2.2.20/g10/keylist.c:646:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              for (i = strlen (resname) + strlen (keyring_str) + 2; i; i--)
data/gnupg2-2.2.20/g10/keylist.c:881:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  sprintf (buf + strlen (buf), " %lu %u %u %u %lu %lu %u",
data/gnupg2-2.2.20/g10/keylist.c:1021:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       mbox, strlen (mbox));
data/gnupg2-2.2.20/g10/keylist.c:1474:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    es_write_sanitized (es_stdout, pk->updateurl, strlen (pk->updateurl),
data/gnupg2-2.2.20/g10/keylist.c:1533:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                uid->updateurl, strlen (uid->updateurl),
data/gnupg2-2.2.20/g10/keylist.c:1735:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                strlen (sig->trust_regexp), ":", NULL);
data/gnupg2-2.2.20/g10/keylist.c:2021:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      tty_fprintf (fp, "%*s\"", (int)strlen(text)+1, "");
data/gnupg2-2.2.20/g10/keylist.c:2027:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            tty_fprintf (fp, "\n%*s ", (int)strlen(text)+1, "");
data/gnupg2-2.2.20/g10/keylist.c:2049:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (serialno) == 32 && !strncmp (serialno, "D27600012401", 12))
data/gnupg2-2.2.20/g10/keyring.c:207:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    kr = xmalloc (sizeof *kr + strlen (fname));
data/gnupg2-2.2.20/g10/keyring.c:870:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p = pattern = xmalloc(strlen(name)+1);
data/gnupg2-2.2.20/g10/keyring.c:934:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if( strlen(name)-2 == i
data/gnupg2-2.2.20/g10/keyring.c:1310:13:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  oldmask = umask (077);
data/gnupg2-2.2.20/g10/keyring.c:1318:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  umask (oldmask);
data/gnupg2-2.2.20/g10/keyring.c:1625:10:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	oldmask=umask(077);
data/gnupg2-2.2.20/g10/keyring.c:1632:2:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	umask(oldmask);
data/gnupg2-2.2.20/g10/keyserver.c:296:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
data/gnupg2-2.2.20/g10/keyserver.c:296:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      keyserver->uri=xmalloc(strlen(keyserver->scheme)+3+strlen(uri)+1);
data/gnupg2-2.2.20/g10/keyserver.c:360:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	  strncpy(keyserver->auth,uri,count);
data/gnupg2-2.2.20/g10/keyserver.c:387:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(keyserver->host,uri,count);
data/gnupg2-2.2.20/g10/keyserver.c:410:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	  strncpy(keyserver->port,uri+1,count);
data/gnupg2-2.2.20/g10/keyserver.c:593:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trim_trailing_ws (keystring, strlen (keystring));
data/gnupg2-2.2.20/g10/keyserver.c:688:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(strlen(tok)==0)
data/gnupg2-2.2.20/g10/keyserver.c:718:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(strlen(decoded)>opt.screen_columns-10)
data/gnupg2-2.2.20/g10/keyserver.c:1527:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    parm.searchstr_disp = utf8_to_native (searchstr, strlen (searchstr), 0);
data/gnupg2-2.2.20/g10/keyserver.c:1679:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = 1+1+strlen (desc[idx].u.name);
data/gnupg2-2.2.20/g10/keyserver.c:2145:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      hostlen+=strlen(srvlist[i].target)+1;
data/gnupg2-2.2.20/g10/keyserver.c:2161:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(keyserver->host," ");
data/gnupg2-2.2.20/g10/keyserver.c:2169:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hostlen+=5+strlen(domain);
data/gnupg2-2.2.20/g10/mainproc.c:782:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp);
data/gnupg2-2.2.20/g10/mainproc.c:1266:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                strlen (sig->trust_regexp), ":", NULL);
data/gnupg2-2.2.20/g10/mainproc.c:1615:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  pka = xmalloc (sizeof *pka + strlen(nd->value));
data/gnupg2-2.2.20/g10/mainproc.c:1877:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                         sig->signers_uid, strlen (sig->signers_uid), 0);
data/gnupg2-2.2.20/g10/misc.c:914:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                      if (idx + strlen (tmp) < maxlen)
data/gnupg2-2.2.20/g10/misc.c:917:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          idx += strlen (tmp);
data/gnupg2-2.2.20/g10/misc.c:929:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  idx+=strlen(&ret[idx]);
data/gnupg2-2.2.20/g10/misc.c:1013:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if(str && idx+strlen(str)<maxlen)
data/gnupg2-2.2.20/g10/misc.c:1016:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    idx+=strlen(str);
data/gnupg2-2.2.20/g10/misc.c:1424:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(s);
data/gnupg2-2.2.20/g10/misc.c:1440:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(opts[i].help && maxlen<strlen(opts[i].name))
data/gnupg2-2.2.20/g10/misc.c:1441:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  maxlen=strlen(opts[i].name);
data/gnupg2-2.2.20/g10/misc.c:1446:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
data/gnupg2-2.2.20/g10/misc.c:1472:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      if(toklen!=strlen(opts[i].name))
data/gnupg2-2.2.20/g10/misc.c:1537:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
data/gnupg2-2.2.20/g10/misc.c:1537:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
data/gnupg2-2.2.20/g10/misc.c:1545:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	  strcat(buffer,"/");
data/gnupg2-2.2.20/g10/openfile.c:100:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (iname);
data/gnupg2-2.2.20/g10/openfile.c:142:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s) + (defname?strlen (defname):0) + 10;
data/gnupg2-2.2.20/g10/openfile.c:142:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(s) + (defname?strlen (defname):0) + 10;
data/gnupg2-2.2.20/g10/openfile.c:241:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              buf = xmalloc (strlen(iname)+4+1);
data/gnupg2-2.2.20/g10/openfile.c:244:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if ( dot && dot > buf && dot[1] && strlen(dot) <= 4
data/gnupg2-2.2.20/g10/openfile.c:318:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (sigfilename);
data/gnupg2-2.2.20/g10/openfile.c:388:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && (strlen(fname) >= strlen (defhome+1)
data/gnupg2-2.2.20/g10/openfile.c:388:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && (strlen(fname) >= strlen (defhome+1)
data/gnupg2-2.2.20/g10/openfile.c:389:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) ))
data/gnupg2-2.2.20/g10/openfile.c:389:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) ))
data/gnupg2-2.2.20/g10/parse-packet.c:214:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sl->flags = strlen (string);
data/gnupg2-2.2.20/g10/parse-packet.c:2885:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uid->len = strlen (uid->name);
data/gnupg2-2.2.20/g10/passphrase.c:131:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      next_pw = xmalloc_secure( strlen(s)+1 );
data/gnupg2-2.2.20/g10/passphrase.c:158:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fd_passwd = xmalloc_secure(strlen(pass)+1);
data/gnupg2-2.2.20/g10/passphrase.c:178:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      while (!(read (fd, buf, 1) != 1 || *buf == '\n' ))
data/gnupg2-2.2.20/g10/passphrase.c:199:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read( fd, pw+i, 1) != 1 || pw[i] == '\n' )
data/gnupg2-2.2.20/g10/passphrase.c:370:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pw = xmalloc_secure ( strlen(fd_passwd)+1 );
data/gnupg2-2.2.20/g10/passphrase.c:420:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = gcry_kdf_derive (pw, strlen (pw),
data/gnupg2-2.2.20/g10/photoid.c:107:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  if(strlen(filename)==0)
data/gnupg2-2.2.20/g10/photoid.c:345:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	name=xmalloc(16+strlen(EXTSEP_S)+
data/gnupg2-2.2.20/g10/photoid.c:346:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		     strlen(image_type_to_string(args.imagetype,0))+1);
data/gnupg2-2.2.20/g10/pkclist.c:50:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                name, strlen (name),
data/gnupg2-2.2.20/g10/pkclist.c:308:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( strlen(ans) != 8 )
data/gnupg2-2.2.20/g10/plaintext.c:204:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if ((c = riscos_get_filetype_from_string (fname, strlen (fname))) != -1)
data/gnupg2-2.2.20/g10/plaintext.c:801:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pt = xmalloc (sizeof *pt + strlen (s) - 1);
data/gnupg2-2.2.20/g10/plaintext.c:802:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pt->namelen = strlen (s);
data/gnupg2-2.2.20/g10/revoke.c:58:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buflen += strlen(ud);
data/gnupg2-2.2.20/g10/revoke.c:63:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	memcpy(buffer+1, ud, strlen(ud) );
data/gnupg2-2.2.20/g10/revoke.c:845:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    trim_trailing_ws( answer, strlen(answer) );
data/gnupg2-2.2.20/g10/revoke.c:853:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *p = make_printable_string( answer, strlen(answer), 0 );
data/gnupg2-2.2.20/g10/revoke.c:861:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *p = xmalloc( strlen(description) + strlen(answer) + 2 );
data/gnupg2-2.2.20/g10/revoke.c:861:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *p = xmalloc( strlen(description) + strlen(answer) + 2 );
data/gnupg2-2.2.20/g10/server.c:570:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/g10/server.c:577:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/g10/sign.c:129:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        p, strlen (p));
data/gnupg2-2.2.20/g10/sign.c:152:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        p, strlen (p));
data/gnupg2-2.2.20/g10/sign.c:166:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
data/gnupg2-2.2.20/g10/sign.c:182:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            opt.sender_list->d, strlen (opt.sender_list->d));
data/gnupg2-2.2.20/g10/sign.c:674:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bin2hex (array, n, buf + strlen (buf));
data/gnupg2-2.2.20/g10/skclist.c:218:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 locusr->d, strlen (locusr->d), -1);
data/gnupg2-2.2.20/g10/skclist.c:233:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 locusr->d, strlen (locusr->d), -1);
data/gnupg2-2.2.20/g10/skclist.c:250:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		     locusr->d, strlen (locusr->d), -1);
data/gnupg2-2.2.20/g10/skclist.c:261:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		     locusr->d, strlen (locusr->d), -1);
data/gnupg2-2.2.20/g10/t-rmd160.c:75:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          testtbl[idx].data, strlen(testtbl[idx].data));
data/gnupg2-2.2.20/g10/t-stutter.c:101:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (text) > 8)
data/gnupg2-2.2.20/g10/t-stutter.c:105:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          fwrite (&text[8], strlen (text) - 8, 1, stderr);
data/gnupg2-2.2.20/g10/t-stutter.c:108:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        fwrite (text, strlen (text), 1, stderr);
data/gnupg2-2.2.20/g10/t-stutter.c:171:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (p) % 2 != 0)
data/gnupg2-2.2.20/g10/t-stutter.c:174:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dek.keylen = strlen (p) / 2;
data/gnupg2-2.2.20/g10/tdbdump.c:81:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      for (i = 9 + strlen (tdbio_get_dbname()); i > 0; i-- )
data/gnupg2-2.2.20/g10/tdbdump.c:160:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	n = strlen(line);
data/gnupg2-2.2.20/g10/tdbio.c:741:17:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
      oldmask = umask (077);
data/gnupg2-2.2.20/g10/tdbio.c:749:7:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
      umask(oldmask);
data/gnupg2-2.2.20/g10/tdbio.c:1533:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      n = read (db_fd, readbuf, TRUST_RECORD_LEN);
data/gnupg2-2.2.20/g10/test.c:161:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = malloc (strlen (srcdir) + strlen ("/g10/") + strlen (fname) + 1);
data/gnupg2-2.2.20/g10/test.c:161:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = malloc (strlen (srcdir) + strlen ("/g10/") + strlen (fname) + 1);
data/gnupg2-2.2.20/g10/test.c:161:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = malloc (strlen (srcdir) + strlen ("/g10/") + strlen (fname) + 1);
data/gnupg2-2.2.20/g10/tofu.c:417:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                 string, string && strlen(string) > 10 ? "..." : "",
data/gnupg2-2.2.20/g10/tofu.c:418:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                 tail, tail && strlen(tail) > 10 ? "..." : "",
data/gnupg2-2.2.20/g10/tofu.c:448:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                 string, string && strlen(string) > 10 ? "..." : "",
data/gnupg2-2.2.20/g10/tofu.c:449:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                 tail, tail && strlen(tail) > 10 ? "..." : "",
data/gnupg2-2.2.20/g10/tofu.c:1243:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    xmalloc_clear (sizeof (*stats) + strlen (fingerprint));
data/gnupg2-2.2.20/g10/tofu.c:1962:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (choices) != 10)
data/gnupg2-2.2.20/g10/tofu.c:2086:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int l = strlen (iter->d);
data/gnupg2-2.2.20/g10/tofu.c:2470:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int fingerprint_raw_len = strlen (fingerprint) / 2;
data/gnupg2-2.2.20/g10/tofu.c:2477:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            != strlen (fingerprint)))
data/gnupg2-2.2.20/g10/tofu.c:2481:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     fingerprint, strlen (fingerprint), len);
data/gnupg2-2.2.20/g10/tofu.c:3116:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                  email, strlen (email), 0);
data/gnupg2-2.2.20/g10/tofu.c:3197:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               msg, strlen (msg)-1, -1);
data/gnupg2-2.2.20/g10/trustdb.c:1530:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t start=0,len=strlen(old),idx=0;
data/gnupg2-2.2.20/g10/trustdb.c:1554:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      idx=strlen(new);
data/gnupg2-2.2.20/g10/verify.c:133:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *p = xmalloc(strlen(name)+10);
data/gnupg2-2.2.20/g10/verify.c:203:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if( !*line || line[strlen(line)-1] != '\n' ) {
data/gnupg2-2.2.20/g10/verify.c:210:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    line[strlen(line)-1] = 0;
data/gnupg2-2.2.20/g13/be-encfs.c:68:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return send_cmd_bin (runner, string, strlen (string));
data/gnupg2-2.2.20/g13/g13-syshelp.c:637:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (line);
data/gnupg2-2.2.20/g13/g13-syshelp.c:685:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (words[2]) > 16 || strchr (words[2], '/'))
data/gnupg2-2.2.20/g13/g13-syshelp.c:702:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ti = xtrymalloc (sizeof *ti + strlen (words[1]));
data/gnupg2-2.2.20/g13/server.c:497:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/g13/server.c:504:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/g13/sh-cmd.c:671:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/g13/sh-cmd.c:678:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/g13/sh-cmd.c:704:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              err = assuan_send_data (ctx, buf, strlen (buf));
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:267:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    append_tuple (&keyblob, KEYBLOB_TAG_CREATED, tbuf, strlen (tbuf));
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:356:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  append_tuple (&keyblob, KEYBLOB_TAG_ALGOSTR, s, strlen (s));
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:523:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (table, strlen (table));
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:723:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (table, strlen (table));
data/gnupg2-2.2.20/g13/sh-dmcrypt.c:1036:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (table, strlen (table));
data/gnupg2-2.2.20/kbx/kbxutil.c:217:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    switch ( strlen ( s ) ) {
data/gnupg2-2.2.20/kbx/keybox-blob.c:931:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      blob->uids[i].len = strlen(names[i]);
data/gnupg2-2.2.20/kbx/keybox-file.c:68:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ((c1 = getc (fp)) == EOF
data/gnupg2-2.2.20/kbx/keybox-file.c:69:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      || (c2 = getc (fp)) == EOF
data/gnupg2-2.2.20/kbx/keybox-file.c:70:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      || (c3 = getc (fp)) == EOF
data/gnupg2-2.2.20/kbx/keybox-file.c:71:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      || (c4 = getc (fp)) == EOF
data/gnupg2-2.2.20/kbx/keybox-file.c:72:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      || (type = getc (fp)) == EOF)
data/gnupg2-2.2.20/kbx/keybox-init.c:54:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  kr = xtrymalloc (sizeof *kr + strlen (fname));
data/gnupg2-2.2.20/kbx/keybox-search.c:681:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/kbx/keybox-search.c:697:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/kbx/keybox-search.c:723:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/kbx/keybox-search.c:740:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/kbx/keybox-search.c:761:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/kbx/keybox-util.c:62:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (ext) != 4 || strlen (b_ext) != 4)
data/gnupg2-2.2.20/kbx/keybox-util.c:62:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (ext) != 4 || strlen (b_ext) != 4)
data/gnupg2-2.2.20/kbx/keybox-util.c:64:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    repl = (strlen (filename) > 4
data/gnupg2-2.2.20/kbx/keybox-util.c:65:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && !strcmp (filename + strlen (filename) - 4, ext));
data/gnupg2-2.2.20/kbx/keybox-util.c:66:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bak_name = xtrymalloc (strlen (filename) + (repl?0:4) + 1);
data/gnupg2-2.2.20/kbx/keybox-util.c:70:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy (bak_name + strlen (filename) - (repl?4:0), b_ext);
data/gnupg2-2.2.20/kbx/keybox-util.c:72:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp_name = xtrymalloc (strlen (filename) + (repl?0:4) + 1);
data/gnupg2-2.2.20/kbx/keybox-util.c:80:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy (tmp_name + strlen (filename) - (repl?4:0), t_ext);
data/gnupg2-2.2.20/kbx/keybox-util.c:84:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bak_name = xtrymalloc (strlen (filename) + 2);
data/gnupg2-2.2.20/kbx/keybox-util.c:87:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy (stpcpy (bak_name, filename), "~");
data/gnupg2-2.2.20/kbx/keybox-util.c:89:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_name = xtrymalloc (strlen (filename) + 5);
data/gnupg2-2.2.20/scd/apdu.c:1115:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (nreader < (strlen (p)+1))
data/gnupg2-2.2.20/scd/apdu.c:1120:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!rdrname && portstr && !strncmp (p, portstr, strlen (portstr)))
data/gnupg2-2.2.20/scd/apdu.c:1122:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nreader -= strlen (p)+1;
data/gnupg2-2.2.20/scd/apdu.c:1123:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      p += strlen (p) + 1;
data/gnupg2-2.2.20/scd/apdu.c:1904:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (portstr && strlen (portstr) > 5 && portstr[4] == ':')
data/gnupg2-2.2.20/scd/app-dinsig.c:111:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    ct_buf, strlen (ct_buf),
data/gnupg2-2.2.20/scd/app-dinsig.c:112:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    id_buf, strlen (id_buf),
data/gnupg2-2.2.20/scd/app-dinsig.c:152:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    id_buf, strlen (id_buf),
data/gnupg2-2.2.20/scd/app-dinsig.c:333:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (pinvalue) < pininfo.minlen)
data/gnupg2-2.2.20/scd/app-dinsig.c:340:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (strlen (pinvalue) > pininfo.maxlen)
data/gnupg2-2.2.20/scd/app-dinsig.c:348:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-dinsig.c:537:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-geldkarte.c:87:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send_status_info (ctrl, name, string, strlen (string), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:340:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:347:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:354:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:361:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        buffer, strlen (buffer), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:382:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                          buffer, strlen (buffer), NULL, 0);
data/gnupg2-2.2.20/scd/app-nks.c:437:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                ct_buf, strlen (ct_buf),
data/gnupg2-2.2.20/scd/app-nks.c:438:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                id_buf, strlen (id_buf),
data/gnupg2-2.2.20/scd/app-nks.c:465:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                id_buf, strlen (id_buf),
data/gnupg2-2.2.20/scd/app-nks.c:466:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                usage, strlen (usage),
data/gnupg2-2.2.20/scd/app-nks.c:796:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (pinvalue) < minlen)
data/gnupg2-2.2.20/scd/app-nks.c:801:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (pinvalue) > maxlen)
data/gnupg2-2.2.20/scd/app-nks.c:859:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = iso7816_verify (app->slot, pwid, pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-nks.c:1254:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      oldpinlen = strlen (oldpin);
data/gnupg2-2.2.20/scd/app-nks.c:1266:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  newpinlen = strlen (newpin);
data/gnupg2-2.2.20/scd/app-openpgp.c:866:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    numbuf, (size_t)strlen(numbuf),
data/gnupg2-2.2.20/scd/app-openpgp.c:867:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    buf, (size_t)strlen (buf), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:883:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    numbuf1, (size_t)strlen(numbuf1),
data/gnupg2-2.2.20/scd/app-openpgp.c:884:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    numbuf2, (size_t)strlen(numbuf2), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:900:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buflen = strlen (buffer);
data/gnupg2-2.2.20/scd/app-openpgp.c:910:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    name, (size_t)strlen(name),
data/gnupg2-2.2.20/scd/app-openpgp.c:1043:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1049:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1058:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (serial) > 16+12)
data/gnupg2-2.2.20/scd/app-openpgp.c:1077:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1083:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1095:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf (numbuf+strlen (numbuf), " %d", value[i]);
data/gnupg2-2.2.20/scd/app-openpgp.c:1097:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            numbuf, strlen (numbuf), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1105:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            numbuf, strlen (numbuf), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:1203:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (serial && strlen (serial) > 16+12)
data/gnupg2-2.2.20/scd/app-openpgp.c:1845:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    idbuf, strlen (idbuf),
data/gnupg2-2.2.20/scd/app-openpgp.c:1846:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    usage, strlen (usage),
data/gnupg2-2.2.20/scd/app-openpgp.c:2147:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = gcry_kdf_derive (pinvalue, strlen (pinvalue),
data/gnupg2-2.2.20/scd/app-openpgp.c:2160:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *r_pinlen = strlen (pinvalue);
data/gnupg2-2.2.20/scd/app-openpgp.c:2274:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (*pinvalue) < minlen)
data/gnupg2-2.2.20/scd/app-openpgp.c:2447:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (pinvalue) < minlen)
data/gnupg2-2.2.20/scd/app-openpgp.c:2747:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              if (strlen (oldpinvalue) < minlen)
data/gnupg2-2.2.20/scd/app-openpgp.c:2793:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (strlen (resetcode) < minlen)
data/gnupg2-2.2.20/scd/app-openpgp.c:2833:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buffer = xtrymalloc (strlen (resetcode) + strlen (pinvalue) + 1);
data/gnupg2-2.2.20/scd/app-openpgp.c:2833:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buffer = xtrymalloc (strlen (resetcode) + strlen (pinvalue) + 1);
data/gnupg2-2.2.20/scd/app-openpgp.c:2854:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (pinvalue) < 8)
data/gnupg2-2.2.20/scd/app-openpgp.c:2880:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                              pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-openpgp.c:2883:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-openpgp.c:2888:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                              pinvalue, strlen (pinvalue));
data/gnupg2-2.2.20/scd/app-openpgp.c:2935:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wipememory (resetcode, strlen (resetcode));
data/gnupg2-2.2.20/scd/app-openpgp.c:4185:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    numbuf, (size_t)strlen(numbuf), NULL, 0);
data/gnupg2-2.2.20/scd/app-openpgp.c:4380:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
data/gnupg2-2.2.20/scd/app-openpgp.c:4559:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
data/gnupg2-2.2.20/scd/app-openpgp.c:4642:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
data/gnupg2-2.2.20/scd/app-openpgp.c:4897:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
data/gnupg2-2.2.20/scd/app-p15.c:500:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp (certid, tmpbuf, strlen (tmpbuf)) )
data/gnupg2-2.2.20/scd/app-p15.c:512:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  certid += strlen (tmpbuf);
data/gnupg2-2.2.20/scd/app-p15.c:2379:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        certtype, strlen (certtype),
data/gnupg2-2.2.20/scd/app-p15.c:2380:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        buf, strlen (buf),
data/gnupg2-2.2.20/scd/app-p15.c:2480:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          assert (strlen (gripstr) == 40);
data/gnupg2-2.2.20/scd/app-p15.c:2483:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            buf, strlen (buf),
data/gnupg2-2.2.20/scd/app-p15.c:2696:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          send_status_info (ctrl, name, buf, strlen (buf), NULL, 0);
data/gnupg2-2.2.20/scd/app-p15.c:2733:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              send_status_info (ctrl, name, tmp, strlen (tmp), NULL, 0);
data/gnupg2-2.2.20/scd/app-p15.c:2988:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (pinvalue) < aodf->min_length)
data/gnupg2-2.2.20/scd/app-p15.c:2994:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (aodf->stored_length && strlen (pinvalue) > aodf->stored_length)
data/gnupg2-2.2.20/scd/app-p15.c:3001:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (aodf->max_length_valid && strlen (pinvalue) > aodf->max_length)
data/gnupg2-2.2.20/scd/app-p15.c:3102:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pinvaluelen = strlen (pinvalue);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1317:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        certtype, strlen (certtype),
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1318:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        buf, strlen (buf),
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1390:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          assert (strlen (gripstr) == 40);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1393:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            buf, strlen (buf),
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1588:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          send_status_info (ctrl, name, buf, strlen (buf), NULL, 0);
data/gnupg2-2.2.20/scd/app-sc-hsm.c:1743:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = iso7816_verify (app->slot, 0x81, pinvalue, strlen(pinvalue));
data/gnupg2-2.2.20/scd/app.c:428:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nbytes += strlen (list[idx]) + 1 + 1;
data/gnupg2-2.2.20/scd/ccid-driver.c:998:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = malloc (strlen (prefix) + n + strlen (suffix) + 1);
data/gnupg2-2.2.20/scd/ccid-driver.c:998:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = malloc (strlen (prefix) + n + strlen (suffix) + 1);
data/gnupg2-2.2.20/scd/ccid-driver.c:1003:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (prefix);
data/gnupg2-2.2.20/scd/ccid-driver.c:1036:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rid = malloc (strlen (prefix) + 3 + 1);
data/gnupg2-2.2.20/scd/ccid-driver.c:1140:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p = malloc ((*rid_list? strlen (*rid_list):0) + 1
data/gnupg2-2.2.20/scd/ccid-driver.c:1141:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        + strlen (rid) + 1);
data/gnupg2-2.2.20/scd/ccid-driver.c:1151:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat (p, "\n");
data/gnupg2-2.2.20/scd/ccid-driver.c:1621:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      && strncmp (rid, spec_reader_name, strlen (spec_reader_name)))
data/gnupg2-2.2.20/scd/command.c:118:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (string)+1);
data/gnupg2-2.2.20/scd/command.c:1417:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/scd/command.c:1424:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/scd/command.c:1431:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/scd/command.c:1440:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/scd/command.c:1463:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/scd/command.c:1474:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/scd/command.c:1626:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                rc = assuan_send_data (ctx, p, strlen (p));
data/gnupg2-2.2.20/scd/command.c:1635:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          send_status_info (ctrl, "CARD-ATR", hexbuf, strlen (hexbuf), NULL, 0);
data/gnupg2-2.2.20/scd/scdaemon.c:279:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/scd/scdaemon.c:279:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/scd/scdaemon.c:488:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/scd/scdaemon.c:488:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
data/gnupg2-2.2.20/scd/scdaemon.c:1408:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          read (pipe_fd[0], buf, sizeof buf);
data/gnupg2-2.2.20/sm/call-agent.c:249:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      err = assuan_send_data (parm->ctx, s, strlen (s));
data/gnupg2-2.2.20/sm/call-agent.c:302:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = line + strlen (line);
data/gnupg2-2.2.20/sm/call-agent.c:402:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen (p);
data/gnupg2-2.2.20/sm/call-agent.c:454:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen)
data/gnupg2-2.2.20/sm/call-agent.c:951:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/sm/call-agent.c:1098:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/sm/call-agent.c:1202:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!hexkeygrip || strlen (hexkeygrip) != 40)
data/gnupg2-2.2.20/sm/call-dirmngr.c:1033:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (command) + 1;
data/gnupg2-2.2.20/sm/call-dirmngr.c:1035:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += 1 + 3*strlen (argv[i]); /* enough space for percent escaping */
data/gnupg2-2.2.20/sm/certchain.c:391:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/sm/certchain.c:394:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              while ( (c=getc (fp)) != EOF && c != '\n')
data/gnupg2-2.2.20/sm/certchain.c:426:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (p[strlen (allowed)] != ':')
data/gnupg2-2.2.20/sm/certchain.c:616:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pattern = xtrymalloc (strlen (s)+2);
data/gnupg2-2.2.20/sm/certchain.c:679:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pattern = xtrymalloc (strlen (issuer)+2);
data/gnupg2-2.2.20/sm/certchain.c:687:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pattern = xtrymalloc (strlen (issuer)+3);
data/gnupg2-2.2.20/sm/certdump.c:170:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          log_printhex (NULL, string, strlen (string));
data/gnupg2-2.2.20/sm/certdump.c:242:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          p = xtrymalloc (strlen (p1) + strlen (issuer) + 2 + 1);
data/gnupg2-2.2.20/sm/certdump.c:242:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          p = xtrymalloc (strlen (p1) + strlen (issuer) + 2 + 1);
data/gnupg2-2.2.20/sm/certdump.c:505:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                print_utf8_buffer3 (stream, dn->value, strlen (dn->value),
data/gnupg2-2.2.20/sm/certdump.c:508:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                es_write_sanitized (stream, dn->value, strlen (dn->value),
data/gnupg2-2.2.20/sm/certdump.c:777:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (fpr) + 1 + 3*strlen (name) + 1);
data/gnupg2-2.2.20/sm/certdump.c:777:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xtrymalloc (strlen (fpr) + 1 + 3*strlen (name) + 1);
data/gnupg2-2.2.20/sm/certreqgen-ui.c:208:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          else if (strlen (answer) != 40 &&
data/gnupg2-2.2.20/sm/certreqgen-ui.c:209:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   !(answer[0] == '&' && strlen (answer+1) == 40))
data/gnupg2-2.2.20/sm/certreqgen.c:272:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*line && line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/sm/certreqgen.c:365:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      r = xtrycalloc (1, sizeof *r + strlen( value ));
data/gnupg2-2.2.20/sm/certreqgen.c:520:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          || s[strlen(s)-1] == '@'
data/gnupg2-2.2.20/sm/certreqgen.c:521:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          || s[strlen(s)-1] == '.'
data/gnupg2-2.2.20/sm/certreqgen.c:724:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (int)strlen (numbuf), numbuf);
data/gnupg2-2.2.20/sm/certreqgen.c:838:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf = xtrymalloc (strlen (s) + 3);
data/gnupg2-2.2.20/sm/certreqgen.c:846:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat (buf+1, ">");
data/gnupg2-2.2.20/sm/certreqgen.c:860:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen (s);
data/gnupg2-2.2.20/sm/certreqgen.c:863:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf = p = xtrymalloc (11 + strlen (numbuf) + len + 3);
data/gnupg2-2.2.20/sm/certreqgen.c:872:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (p, ")");
data/gnupg2-2.2.20/sm/certreqgen.c:887:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen (s);
data/gnupg2-2.2.20/sm/certreqgen.c:890:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf = p = xtrymalloc (6 + strlen (numbuf) + len + 3);
data/gnupg2-2.2.20/sm/certreqgen.c:899:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (p, ")");
data/gnupg2-2.2.20/sm/certreqgen.c:1002:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          hexbuf = p = xtrymalloc (2 + 1 + strlen (string) + 1);
data/gnupg2-2.2.20/sm/certreqgen.c:1008:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if ((strlen (string) & 1))
data/gnupg2-2.2.20/sm/certreqgen.c:1017:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          buf = p = xtrymalloc (1 + strlen (numbuf) + len + 1 + 1);
data/gnupg2-2.2.20/sm/certreqgen.c:1027:11:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
          strcpy (p, ")");
data/gnupg2-2.2.20/sm/certreqgen.c:1143:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          hexbuf = xtrymalloc (4 + strlen (string) + 1);
data/gnupg2-2.2.20/sm/certreqgen.c:1182:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          hexbuf = xtrymalloc (2 + strlen (string) + 1);
data/gnupg2-2.2.20/sm/encrypt.c:159:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bin2hex (dek->key, dek->keylen, p + strlen (p));
data/gnupg2-2.2.20/sm/encrypt.c:161:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = gcry_sexp_sscan (&data, NULL, p, strlen (p));
data/gnupg2-2.2.20/sm/export.c:574:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  array = xtrycalloc (strlen(elems) + 1, sizeof *array);
data/gnupg2-2.2.20/sm/fingerprint.c:305:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gcry_md_hash_buffer (GCRY_MD_SHA1, hash, p, strlen (p));
data/gnupg2-2.2.20/sm/gpgsm.c:542:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/sm/gpgsm.c:542:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
data/gnupg2-2.2.20/sm/gpgsm.c:614:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n=strlen(text)+2;
data/gnupg2-2.2.20/sm/gpgsm.c:623:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n += strlen(mapf(i)) + 2;
data/gnupg2-2.2.20/sm/gpgsm.c:638:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy (p, "\n" );
data/gnupg2-2.2.20/sm/gpgsm.c:799:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memset (servers->pass, 0, strlen (servers->pass));
data/gnupg2-2.2.20/sm/import.c:430:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*line && line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/sm/keydb.c:93:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && (strlen(fname) >= strlen (defhome+1)
data/gnupg2-2.2.20/sm/keydb.c:93:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && (strlen(fname) >= strlen (defhome+1)
data/gnupg2-2.2.20/sm/keydb.c:94:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) ))
data/gnupg2-2.2.20/sm/keydb.c:94:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) ))
data/gnupg2-2.2.20/sm/keydb.c:207:13:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  oldmask = umask (077);
data/gnupg2-2.2.20/sm/keydb.c:212:7:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
      umask (oldmask);
data/gnupg2-2.2.20/sm/keydb.c:217:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  umask (oldmask);
data/gnupg2-2.2.20/sm/keydb.c:270:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (resname) > 10)
data/gnupg2-2.2.20/sm/keylist.c:513:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      es_write_sanitized (fp, p, strlen (p), ":", NULL);
data/gnupg2-2.2.20/sm/keylist.c:580:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      es_write_sanitized (fp, p, strlen (p), ":", NULL);
data/gnupg2-2.2.20/sm/keylist.c:594:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              es_write_sanitized (fp, kludge_uid, strlen (kludge_uid),
data/gnupg2-2.2.20/sm/keylist.c:613:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    es_write_sanitized (fp, string, strlen (string), NULL, NULL);
data/gnupg2-2.2.20/sm/keylist.c:636:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      es_write_sanitized (fp, p?p:s, strlen (p?p:s), NULL, NULL);
data/gnupg2-2.2.20/sm/keylist.c:1257:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          es_write_sanitized (fp, string, strlen (string), NULL, NULL);
data/gnupg2-2.2.20/sm/keylist.c:1497:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              for (i=strlen(resname); i; i-- )
data/gnupg2-2.2.20/sm/keylist.c:1573:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      for (i=strlen(resname); i; i-- )
data/gnupg2-2.2.20/sm/minip12.c:343:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pwlen = strlen (pw);
data/gnupg2-2.2.20/sm/minip12.c:472:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc = gcry_kdf_derive (pw, strlen (pw),
data/gnupg2-2.2.20/sm/minip12.c:595:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              convertedpwsize = strlen (pw) + 1;
data/gnupg2-2.2.20/sm/minip12.c:610:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          inbytes = strlen (pw);
data/gnupg2-2.2.20/sm/minip12.c:2273:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (strlen (keyidstr) == 8);
data/gnupg2-2.2.20/sm/minip12.c:2410:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      pwbufsize = strlen (pw)*2 + 1;
data/gnupg2-2.2.20/sm/minip12.c:2428:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      inbytes = strlen (pw);
data/gnupg2-2.2.20/sm/passphrase.c:60:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      while (!(read (fd, buf, 1) != 1 || *buf == '\n'))
data/gnupg2-2.2.20/sm/passphrase.c:81:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read (fd, pw+i, 1) != 1 || pw[i] == '\n')
data/gnupg2-2.2.20/sm/qualified.c:83:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (!*line || line[strlen(line)-1] != '\n')
data/gnupg2-2.2.20/sm/qualified.c:86:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          while ( (c=getc (listfp)) != EOF && c != '\n')
data/gnupg2-2.2.20/sm/qualified.c:229:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = p = xtrymalloc (strlen (name) * 3 + 1);
data/gnupg2-2.2.20/sm/qualified.c:298:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = p = xtrymalloc (strlen (name) * 3 + 1);
data/gnupg2-2.2.20/sm/server.c:712:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/sm/server.c:810:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/sm/server.c:933:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          sl = xtrymalloc (sizeof *sl + strlen (line));
data/gnupg2-2.2.20/sm/server.c:1125:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, s, strlen (s));
data/gnupg2-2.2.20/sm/server.c:1132:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
data/gnupg2-2.2.20/tests/asschk.c:242:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *p = xmalloc (strlen (s)+1);
data/gnupg2-2.2.20/tests/asschk.c:305:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              n = read (fd, buf, nleft);
data/gnupg2-2.2.20/tests/asschk.c:384:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (line);
data/gnupg2-2.2.20/tests/asschk.c:511:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      var = xcalloc (1, sizeof *var + strlen (name));
data/gnupg2-2.2.20/tests/asschk.c:536:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      var->value = xmalloc (strlen (value) + 1 + 20);
data/gnupg2-2.2.20/tests/asschk.c:561:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *p = var->value + strlen(var->value)+1;
data/gnupg2-2.2.20/tests/asschk.c:607:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memmove (p, p+1, strlen (p+1)+1);
data/gnupg2-2.2.20/tests/asschk.c:625:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      valuelen = strlen (value);
data/gnupg2-2.2.20/tests/asschk.c:632:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memmove (p, p+n, strlen (p+n)+1);
data/gnupg2-2.2.20/tests/asschk.c:640:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          dst = xmalloc (strlen (src) + valuelen + 1);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:166:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (line && strlen (line) > 0)
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:167:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = &line[strlen (line) - 1]; isspace (*p); p--)
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:206:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  usleep (microseconds);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:376:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (template) > sizeof buffer - 1)
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:378:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (buffer, template, sizeof buffer);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:733:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytes_to_write = strlen (buffer);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1081:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      bytes_read = read (source, buffer, sizeof buffer);
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1122:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (offset > strlen (haystack))
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1149:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (offset > strlen (haystack))
data/gnupg2-2.2.20/tests/gpgscm/ffi.c:1365:28:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
  ffi_define_function (sc, usleep);
data/gnupg2-2.2.20/tests/gpgscm/main.c:132:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return ((strlen (p) > 2 && p[1] == ':' && (p[2] == '\\' || p[2] == '/'))
data/gnupg2-2.2.20/tests/gpgscm/main.c:166:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         directory += strlen (directory) + 1, n--)
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:1391:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     return mk_counted_string(sc,str,strlen(str));
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:2046:12:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    return fgetc(pt->rep.stdio.file);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:2559:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     *plen=strlen(p);
data/gnupg2-2.2.20/tests/gpgscm/scheme.c:5818:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  scheme_load_memory(sc, cmd, strlen(cmd), NULL);
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:63:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname_len = strlen (fname);
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:145:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (p = buffer + strlen (buffer) - 1; p >= buffer; p--)
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:183:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen (name);
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:291:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      else if (strncmp (buffer, OPT_USER_DATA, strlen (OPT_USER_DATA)) == 0)
data/gnupg2-2.2.20/tests/openpgp/fake-pinentry.c:303:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          option_user_data = args = strdup (buffer + strlen (OPT_USER_DATA));
data/gnupg2-2.2.20/tools/call-dirmngr.c:162:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/tools/call-dirmngr.c:234:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/tools/call-dirmngr.c:287:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line) + 2 >= ASSUAN_LINELENGTH)
data/gnupg2-2.2.20/tools/ccidmon.c:605:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (address) >= sizeof databuffer.address)
data/gnupg2-2.2.20/tools/ccidmon.c:779:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen (line);
data/gnupg2-2.2.20/tools/clean-sat.c:27:15:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while( (c=getchar()) == '\n' )
data/gnupg2-2.2.20/tools/clean-sat.c:31:6:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	c = getchar();
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:368:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (*p && p[strlen(p)-1] == '/')
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:369:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p[strlen(p)-1] = 0;  /* Remove optional delimiter.  */
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:386:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          array[arrayidx].u.s.length = strlen (p);
data/gnupg2-2.2.20/tools/gpg-check-pattern.c:455:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if ((c = getc (fp)) != EOF)
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:371:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      var = xmalloc (sizeof *var + strlen (name));
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:663:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memmove (p, p+1, strlen (p+1)+1);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:708:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      valuelen = strlen (value);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:715:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memmove (p, p+n, strlen (p+n)+1);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:723:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          dst = xmalloc (strlen (src) + valuelen + 1);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:776:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buffer = xmalloc (4 + strlen (p) + 1);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:827:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  d = xmalloc (sizeof *d + strlen (p) );
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1391:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (line);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1406:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (line);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1415:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          n = strlen (line);
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1487:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          ll = xmalloc (sizeof *ll + strlen (line));
data/gnupg2-2.2.20/tools/gpg-connect-agent.c:1943:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rc = assuan_send_data (ctx, tmpvalue, strlen (tmpvalue));
data/gnupg2-2.2.20/tools/gpg-wks-client.c:461:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (line);
data/gnupg2-2.2.20/tools/gpg-wks-client.c:672:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      es_write_sanitized (es_stdout, s, strlen (s), ":", NULL);
data/gnupg2-2.2.20/tools/gpg-wks-client.c:1443:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && strlen (value) >= 40))
data/gnupg2-2.2.20/tools/gpg-wks-client.c:1494:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && strlen (value) > 16))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1217:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    wipememory (nonce, strlen (nonce));
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1553:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        && strlen (value) > 16))
data/gnupg2-2.2.20/tools/gpg-wks-server.c:1716:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen (dentry->d_name) != 32)
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1467:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int new_len = 3 * strlen (src) + 1;
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1526:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int new_len = 3 * strlen (src) + 1;
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1629:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t taglen = strlen (tag);
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1660:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  eitem = xmalloc (sizeof *eitem + strlen (p));
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1677:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  eitem = xmalloc (sizeof *eitem + strlen (p));
data/gnupg2-2.2.20/tools/gpgconf-comp.c:1955:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    es_fprintf (out, ":%u", (unsigned int)((strlen (option->value) + 1) / 2));
data/gnupg2-2.2.20/tools/gpgparsemail.c:256:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ((c=getc (fp)) != EOF)
data/gnupg2-2.2.20/tools/gpgparsemail.c:518:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  char *buf = xmalloc (strlen (s1) + strlen (s2) + 2);
data/gnupg2-2.2.20/tools/gpgparsemail.c:518:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  char *buf = xmalloc (strlen (s1) + strlen (s2) + 2);
data/gnupg2-2.2.20/tools/gpgparsemail.c:642:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen (line);
data/gnupg2-2.2.20/tools/gpgsplit.c:208:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    name = xmalloc (strlen (opt_prefix) + 100 );
data/gnupg2-2.2.20/tools/gpgsplit.c:222:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( (c = getc (fp)) == EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:225:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( (c = getc (fp)) == EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:395:29:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	       nread < count && (c=getc (fpin)) != EOF;
data/gnupg2-2.2.20/tools/gpgsplit.c:490:29:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	       nread < count && (c=getc (fpin)) != EOF;
data/gnupg2-2.2.20/tools/gpgsplit.c:575:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          c = getc (fpin);
data/gnupg2-2.2.20/tools/gpgsplit.c:629:25:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          else if ((c = getc (fpin)) == EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:642:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if ((c = getc (fpin)) == EOF)
data/gnupg2-2.2.20/tools/gpgsplit.c:668:28:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                  if ((c = getc (fpin)) == EOF)
data/gnupg2-2.2.20/tools/gpgsplit.c:691:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              c = getc (fpin);
data/gnupg2-2.2.20/tools/gpgsplit.c:705:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if ((c = getc (fpin)) == EOF)
data/gnupg2-2.2.20/tools/gpgsplit.c:732:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              while ( (c=getc (fpin)) != EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:752:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc (fpin);
data/gnupg2-2.2.20/tools/gpgsplit.c:791:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ctb = getc (fp);
data/gnupg2-2.2.20/tools/gpgsplit.c:804:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if( (c = getc (fp)) == EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:813:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          if( (c = getc (fp)) == EOF )
data/gnupg2-2.2.20/tools/gpgsplit.c:852:24:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              if( (c = getc (fp)) == EOF )
data/gnupg2-2.2.20/tools/gpgtar-create.c:226:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t dnamelen = strlen (dname);
data/gnupg2-2.2.20/tools/gpgtar-create.c:231:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    + (entryname? strlen (entryname) : 0) + 1);
data/gnupg2-2.2.20/tools/gpgtar-create.c:283:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname = xtrymalloc (strlen (dname) + 2 + 2 + 1);
data/gnupg2-2.2.20/tools/gpgtar-create.c:292:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (fname, "*");
data/gnupg2-2.2.20/tools/gpgtar-create.c:293:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (*dname && dname[strlen (dname)-1] == '/')
data/gnupg2-2.2.20/tools/gpgtar-create.c:294:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy (stpcpy (fname, dname), "*");
data/gnupg2-2.2.20/tools/gpgtar-create.c:295:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (*dname && dname[strlen (dname)-1] != '*')
data/gnupg2-2.2.20/tools/gpgtar-create.c:574:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (hdr->name);
data/gnupg2-2.2.20/tools/gpgtar-extract.c:112:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  prefixlen = strlen (dirname) + 1;
data/gnupg2-2.2.20/tools/gpgtar-extract.c:123:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fname[strlen (fname)-1] == '/')
data/gnupg2-2.2.20/tools/gpgtar-extract.c:124:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname[strlen (fname)-1] = 0;
data/gnupg2-2.2.20/tools/gpgtar-extract.c:173:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (hdr->name);
data/gnupg2-2.2.20/tools/gpgtar-extract.c:229:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (dirprefix);
data/gnupg2-2.2.20/tools/make-dns-cert.c:80:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        err = read (fd,buffer,1024);
data/gnupg2-2.2.20/tools/make-dns-cert.c:140:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len+=strlen(url);
data/gnupg2-2.2.20/tools/mime-maker.c:302:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    namelen = strlen (name);
data/gnupg2-2.2.20/tools/mime-maker.c:327:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (p = hdr->value + strlen (hdr->value) - 1;
data/gnupg2-2.2.20/tools/mime-maker.c:450:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return add_body (ctx, string, strlen (string));
data/gnupg2-2.2.20/tools/mime-parser.c:703:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen (line);
data/gnupg2-2.2.20/tools/no-libgcrypt.c:58:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *p = malloc (strlen (string)+1);
data/gnupg2-2.2.20/tools/no-libgcrypt.c:101:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  void *p = malloc (strlen (string)+1);
data/gnupg2-2.2.20/tools/rfc822parse.c:253:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    namelen = strlen (name);
data/gnupg2-2.2.20/tools/rfc822parse.c:424:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  msg->current_part->boundary = malloc (strlen (s) + 1);
data/gnupg2-2.2.20/tools/rfc822parse.c:523:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t blen = strlen (msg->boundary);
data/gnupg2-2.2.20/tools/rfc822parse.c:609:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (h->line) + 1;
data/gnupg2-2.2.20/tools/rfc822parse.c:611:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n += strlen (h2->line) + 1;
data/gnupg2-2.2.20/tools/rfc822parse.c:700:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen (name);
data/gnupg2-2.2.20/tools/rfc822parse.c:798:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t n = strlen (old->data);
data/gnupg2-2.2.20/tools/rfc822parse.c:1311:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen (line);
data/gnupg2-2.2.20/tools/sockprox.c:87:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (name.sun_path, filename, sizeof (name.sun_path));
data/gnupg2-2.2.20/tools/sockprox.c:133:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (srvr_addr.sun_path, filename, sizeof (srvr_addr.sun_path) - 1);
data/gnupg2-2.2.20/tools/symcryptrun.c:323:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p[strlen (p) - 1] == '/')
data/gnupg2-2.2.20/tools/symcryptrun.c:636:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	      res = read (cstderr[0], &buffer[buffer_len],
data/gnupg2-2.2.20/tools/symcryptrun.c:681:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	      res = read (master, data, sizeof (data));
data/gnupg2-2.2.20/tools/symcryptrun.c:727:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
 		      write (master, pass, strlen (pass));
data/gnupg2-2.2.20/tools/symcryptrun.c:810:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      infile = malloc (strlen (tmpdir) + 1 + 2 + 1);
data/gnupg2-2.2.20/tools/symcryptrun.c:823:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outfile = malloc (strlen (tmpdir) + 1 + 3 + 1);
data/gnupg2-2.2.20/tools/watchgnupg.c:185:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (line);
data/gnupg2-2.2.20/tools/watchgnupg.c:413:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (srvr_addr_un.sun_path, *argv, sizeof (srvr_addr_un.sun_path)-1);
data/gnupg2-2.2.20/tools/watchgnupg.c:486:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            n = read (client->fd, line, sizeof line - 1);
data/gnupg2-2.2.20/tools/wks-util.c:107:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sl = xtrymalloc (sizeof *sl + strlen (uid));
data/gnupg2-2.2.20/tools/wks-util.c:600:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      n = strlen (line);

ANALYSIS SUMMARY:

Hits = 3730
Lines analyzed = 315452 in approximately 8.12 seconds (38871 lines/second)
Physical Source Lines of Code (SLOC) = 234008
Hits@level = [0] 943 [1] 1255 [2] 2036 [3]  74 [4] 362 [5]   3
Hits@level+ = [0+] 4673 [1+] 3730 [2+] 2475 [3+] 439 [4+] 365 [5+]   3
Hits/KSLOC@level+ = [0+] 19.9694 [1+] 15.9396 [2+] 10.5766 [3+] 1.876 [4+] 1.55978 [5+] 0.0128201
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.