Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gsoap-2.8.104/gsoap/ios_plugin/gsoapios.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/Air/Air/Air/ViewController.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/Air/Air/Air/AppDelegate.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/Air/airport.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/calc/calc/calc/ViewController.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/calc/calc/calc/AppDelegate.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/calc/calc.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/app2/GeoIPService.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/app2/app2/app2/ViewController.h
Examining data/gsoap-2.8.104/gsoap/ios_plugin/examples/app2/app2/app2/AppDelegate.h
Examining data/gsoap-2.8.104/gsoap/src/lex.yy.c
Examining data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.h
Examining data/gsoap-2.8.104/gsoap/src/soapcpp2.c
Examining data/gsoap-2.8.104/gsoap/src/init2.c
Examining data/gsoap-2.8.104/gsoap/src/error2.c
Examining data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c
Examining data/gsoap-2.8.104/gsoap/src/error2.h
Examining data/gsoap-2.8.104/gsoap/src/soapcpp2.h
Examining data/gsoap-2.8.104/gsoap/src/symbol2.c
Examining data/gsoap-2.8.104/gsoap/uddi2/uddi_v2.h
Examining data/gsoap-2.8.104/gsoap/uddi2/example2.cpp
Examining data/gsoap-2.8.104/gsoap/uddi2/publish_v2.h
Examining data/gsoap-2.8.104/gsoap/uddi2/example1.cpp
Examining data/gsoap-2.8.104/gsoap/uddi2/inquire_v2.cpp
Examining data/gsoap-2.8.104/gsoap/uddi2/publish_v2.cpp
Examining data/gsoap-2.8.104/gsoap/uddi2/example3.cpp
Examining data/gsoap-2.8.104/gsoap/uddi2/inquire_v2.h
Examining data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h
Examining data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/dime/dimeclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/dime/dime.h
Examining data/gsoap-2.8.104/gsoap/samples/udp/udpclient.c
Examining data/gsoap-2.8.104/gsoap/samples/udp/udp.h
Examining data/gsoap-2.8.104/gsoap/samples/udp/udpserver.c
Examining data/gsoap-2.8.104/gsoap/samples/template/primes.cpp
Examining data/gsoap-2.8.104/gsoap/samples/template/simple_vector.h
Examining data/gsoap-2.8.104/gsoap/samples/template/primes.h
Examining data/gsoap-2.8.104/gsoap/samples/wsa/wsademo.c
Examining data/gsoap-2.8.104/gsoap/samples/wsa/wsademo.h
Examining data/gsoap-2.8.104/gsoap/samples/rss/rss.h
Examining data/gsoap-2.8.104/gsoap/samples/rss/rss.c
Examining data/gsoap-2.8.104/gsoap/samples/link/gmt.h
Examining data/gsoap-2.8.104/gsoap/samples/link/xmas.h
Examining data/gsoap-2.8.104/gsoap/samples/link/env.h
Examining data/gsoap-2.8.104/gsoap/samples/link/xmas.c
Examining data/gsoap-2.8.104/gsoap/samples/link/header.h
Examining data/gsoap-2.8.104/gsoap/samples/link/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/link/fault.h
Examining data/gsoap-2.8.104/gsoap/samples/polytest/polymorph.cpp
Examining data/gsoap-2.8.104/gsoap/samples/polytest/polymorph.h
Examining data/gsoap-2.8.104/gsoap/samples/hello/helloclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/hello/helloserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/hello/hello.h
Examining data/gsoap-2.8.104/gsoap/samples/varparam/varparam.h
Examining data/gsoap-2.8.104/gsoap/samples/varparam/varparam.cpp
Examining data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.h
Examining data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c
Examining data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c
Examining data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.h
Examining data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c
Examining data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp
Examining data/gsoap-2.8.104/gsoap/samples/mashup/mashupclient.c
Examining data/gsoap-2.8.104/gsoap/samples/mashup/mashup.h
Examining data/gsoap-2.8.104/gsoap/samples/mashup/mashupserver.c
Examining data/gsoap-2.8.104/gsoap/samples/roll/rollclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/roll/roll.h
Examining data/gsoap-2.8.104/gsoap/samples/roll/rollserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/soapC.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/soapStub.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/soapcalcProxy.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/soapcalcProxy.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/calcclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/soapH.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h
Parsing failed to find end of parameter list; semicolon terminated it in ((buf)
# endif
/* copy string (truncating the result, strings must not be NULL) */
#if _MSC_VER >= 1400
# define soap_strcpy(buf, len, src) (void)strncpy_s((buf), (len), (src), _TRUNCATE)
#elif defin
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/quote.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/env.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/header.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/chaining.cpp
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/chaining2.cpp
Examining data/gsoap-2.8.104/gsoap/samples/chaining++/fault.h
Examining data/gsoap-2.8.104/gsoap/samples/webserver/opt.h
Examining data/gsoap-2.8.104/gsoap/samples/webserver/options.c
Examining data/gsoap-2.8.104/gsoap/samples/webserver/options.h
Examining data/gsoap-2.8.104/gsoap/samples/webserver/webserver.h
Examining data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/soapC.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/soapStub.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/soapcalcProxy.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/soapcalcProxy.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/calcclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc_xcode/soapH.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining/quote.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining/chaining.c
Examining data/gsoap-2.8.104/gsoap/samples/chaining/env.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining/header.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/chaining/fault.h
Examining data/gsoap-2.8.104/gsoap/samples/curl/curlrest.c
Examining data/gsoap-2.8.104/gsoap/samples/curl/curl-json-currentTime.c
Examining data/gsoap-2.8.104/gsoap/samples/curl/curlclient.c
Examining data/gsoap-2.8.104/gsoap/samples/curl/person.h
Examining data/gsoap-2.8.104/gsoap/samples/curl/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/curl/curlclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc/calcserver.c
Examining data/gsoap-2.8.104/gsoap/samples/calc/calcclient.c
Examining data/gsoap-2.8.104/gsoap/samples/calc/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/lu/lu.h
Examining data/gsoap-2.8.104/gsoap/samples/lu/lumat.cpp
Examining data/gsoap-2.8.104/gsoap/samples/lu/luserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/lu/luclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/gmt/gmt.h
Examining data/gsoap-2.8.104/gsoap/samples/gmt/gmtclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/gmt/gmtserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/rest/person.cpp
Examining data/gsoap-2.8.104/gsoap/samples/rest/calcrest.h
Examining data/gsoap-2.8.104/gsoap/samples/rest/httpposttest.c
Examining data/gsoap-2.8.104/gsoap/samples/rest/calcrest.c
Examining data/gsoap-2.8.104/gsoap/samples/rest/httpgettest.c
Examining data/gsoap-2.8.104/gsoap/samples/rest/person.h
Examining data/gsoap-2.8.104/gsoap/samples/rest/person.c
Examining data/gsoap-2.8.104/gsoap/samples/rest/httpposttest.h
Examining data/gsoap-2.8.104/gsoap/samples/rest/httpgettest.h
Examining data/gsoap-2.8.104/gsoap/samples/databinding/address.cpp
Examining data/gsoap-2.8.104/gsoap/samples/databinding/graph.h
Examining data/gsoap-2.8.104/gsoap/samples/databinding/graph.cpp
Examining data/gsoap-2.8.104/gsoap/samples/wsrm/wsrmdemo.c
Examining data/gsoap-2.8.104/gsoap/samples/wsrm/wsrmdemo.h
Examining data/gsoap-2.8.104/gsoap/samples/primes/primes.cpp
Examining data/gsoap-2.8.104/gsoap/samples/primes/simple_vector.h
Examining data/gsoap-2.8.104/gsoap/samples/primes/primes.h
Examining data/gsoap-2.8.104/gsoap/samples/factory/factory.h
Examining data/gsoap-2.8.104/gsoap/samples/factory/factory.cpp
Examining data/gsoap-2.8.104/gsoap/samples/dom/domcpp.cpp
Examining data/gsoap-2.8.104/gsoap/samples/dom/dom2calc.cpp
Examining data/gsoap-2.8.104/gsoap/samples/dom/dom2calc.h
Examining data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/httpcookies/ck.h
Examining data/gsoap-2.8.104/gsoap/samples/httpcookies/ckclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/aws/aws-s3.cpp
Examining data/gsoap-2.8.104/gsoap/samples/aws/aws-s3.h
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/GoogleDirections.hpp
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/gdx.cpp
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/gdm.hpp
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/GoogleDistanceMatrix.h
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/env.h
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/GoogleDistanceMatrix.hpp
Examining data/gsoap-2.8.104/gsoap/samples/googleapi/gdm.cpp
Examining data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp
Examining data/gsoap-2.8.104/gsoap/samples/atom/atom.cpp
Examining data/gsoap-2.8.104/gsoap/samples/atom/atom.h
Examining data/gsoap-2.8.104/gsoap/samples/ssl/ssl_setup.h
Examining data/gsoap-2.8.104/gsoap/samples/ssl/cacerts.c
Examining data/gsoap-2.8.104/gsoap/samples/ssl/ssl_setup.c
Examining data/gsoap-2.8.104/gsoap/samples/ssl/thread_setup.c
Examining data/gsoap-2.8.104/gsoap/samples/ssl/sslserver.c
Examining data/gsoap-2.8.104/gsoap/samples/ssl/ssl_setup.cpp
Examining data/gsoap-2.8.104/gsoap/samples/ssl/thread_setup.h
Examining data/gsoap-2.8.104/gsoap/samples/ssl/ssl.h
Examining data/gsoap-2.8.104/gsoap/samples/ssl/sslclient.c
Examining data/gsoap-2.8.104/gsoap/samples/ssl/cacerts.h
Examining data/gsoap-2.8.104/gsoap/samples/router/router.c
Examining data/gsoap-2.8.104/gsoap/samples/router/router.h
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest2.cpp
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap2.cpp
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.cpp
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap2.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap3.cpp
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest3.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest.cpp
Examining data/gsoap-2.8.104/gsoap/samples/async/async.h
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap3.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest2.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.c
Examining data/gsoap-2.8.104/gsoap/samples/async/asyncrest3.cpp
Examining data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.h
Examining data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c
Examining data/gsoap-2.8.104/gsoap/samples/link++/gmt.h
Examining data/gsoap-2.8.104/gsoap/samples/link++/env.h
Examining data/gsoap-2.8.104/gsoap/samples/link++/gmt_time_t.h
Examining data/gsoap-2.8.104/gsoap/samples/link++/header.h
Examining data/gsoap-2.8.104/gsoap/samples/link++/xmas.cpp
Examining data/gsoap-2.8.104/gsoap/samples/link++/xmas.hpp
Examining data/gsoap-2.8.104/gsoap/samples/link++/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/link++/fault.h
Examining data/gsoap-2.8.104/gsoap/samples/wcf/WS/DualHttp/calculator.h
Examining data/gsoap-2.8.104/gsoap/samples/wcf/WS/DualHttp/calculator.cpp
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.h
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/TransportSecurity/calculator.h
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/TransportSecurity/calculator.cpp
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/Http/calculator.h
Examining data/gsoap-2.8.104/gsoap/samples/wcf/Basic/Http/calculator.cpp
Examining data/gsoap-2.8.104/gsoap/samples/magic/magic.h
Examining data/gsoap-2.8.104/gsoap/samples/magic/magicserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/magic/magic.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-GitHub.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTime.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-io.h
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-currentTime.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-iters.h
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.h
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-weblogs.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-currentTime.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-GitHub.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-GoogleDistanceMatrix.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTimeServer.c
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-weblogs.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-io.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTimeServer.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTime.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/jsoncpp.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.h
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-currentTimeServer.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-json.cpp
Examining data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.c
Examining data/gsoap-2.8.104/gsoap/samples/mashup++/mashup.hpp
Examining data/gsoap-2.8.104/gsoap/samples/mashup++/mashupserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/mashup++/mashupclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/oneway++/event.h
Examining data/gsoap-2.8.104/gsoap/samples/oneway++/event.cpp
Examining data/gsoap-2.8.104/gsoap/samples/oneway++/handler.cpp
Examining data/gsoap-2.8.104/gsoap/samples/factorytest/factorytest.h
Examining data/gsoap-2.8.104/gsoap/samples/factorytest/factorytest.cpp
Examining data/gsoap-2.8.104/gsoap/samples/oneway/event.h
Examining data/gsoap-2.8.104/gsoap/samples/oneway/handler.c
Examining data/gsoap-2.8.104/gsoap/samples/oneway/event.c
Examining data/gsoap-2.8.104/gsoap/samples/calc++/calc.h
Examining data/gsoap-2.8.104/gsoap/samples/calc++/calcclient.cpp
Examining data/gsoap-2.8.104/gsoap/samples/calc++/calcserver.cpp
Examining data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c
Examining data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.h
Examining data/gsoap-2.8.104/gsoap/wsdl/imports.h
Examining data/gsoap-2.8.104/gsoap/wsdl/gwsdl.h
Examining data/gsoap-2.8.104/gsoap/wsdl/bpel.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsdl.h
Examining data/gsoap-2.8.104/gsoap/wsdl/soap.h
Examining data/gsoap-2.8.104/gsoap/wsdl/schema.h
Examining data/gsoap-2.8.104/gsoap/wsdl/service.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/wsrmp.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wst.h
Examining data/gsoap-2.8.104/gsoap/wsdl/schema.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/wsp.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsp.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/types.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/wadl.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/types.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsam.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsu.h
Examining data/gsoap-2.8.104/gsoap/wsdl/soap.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/service.h
Examining data/gsoap-2.8.104/gsoap/wsdl/bpel.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/mime.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/mime.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/wadl.h
Examining data/gsoap-2.8.104/gsoap/wsdl/includes.h
Examining data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp
Examining data/gsoap-2.8.104/gsoap/wsdl/sp.h
Examining data/gsoap-2.8.104/gsoap/wsdl/dime.h
Examining data/gsoap-2.8.104/gsoap/wsdl/http.h
Examining data/gsoap-2.8.104/gsoap/plugin/httpdatest.h
Examining data/gsoap-2.8.104/gsoap/plugin/httpmd5test.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpget.h
Examining data/gsoap-2.8.104/gsoap/plugin/httppipe.h
Examining data/gsoap-2.8.104/gsoap/plugin/threads.c
Examining data/gsoap-2.8.104/gsoap/plugin/md5evp.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsaapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/cacerts.c
Examining data/gsoap-2.8.104/gsoap/plugin/logging.h
Examining data/gsoap-2.8.104/gsoap/plugin/httppost.h
Examining data/gsoap-2.8.104/gsoap/plugin/httppost.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpget.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsse2api.h
Examining data/gsoap-2.8.104/gsoap/plugin/sessions.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsseapi-lite.h
Examining data/gsoap-2.8.104/gsoap/plugin/wstapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/calcrest.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsddapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/sessions.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsseapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/httpmd5.c
Examining data/gsoap-2.8.104/gsoap/plugin/logging.c
Examining data/gsoap-2.8.104/gsoap/plugin/plugin.h
Examining data/gsoap-2.8.104/gsoap/plugin/httppipe.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpform.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpposttest.c
Examining data/gsoap-2.8.104/gsoap/plugin/plugin.c
Examining data/gsoap-2.8.104/gsoap/plugin/curlapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp
Examining data/gsoap-2.8.104/gsoap/plugin/httpmd5test.h
Examining data/gsoap-2.8.104/gsoap/plugin/httpgettest.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpdatest.c
Examining data/gsoap-2.8.104/gsoap/plugin/threads.h
Examining data/gsoap-2.8.104/gsoap/plugin/mecevp.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpmd5.h
Examining data/gsoap-2.8.104/gsoap/plugin/curlapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/md5evp.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsseapi-lite.c
Examining data/gsoap-2.8.104/gsoap/plugin/smdevp.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpform.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsrmapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/mq.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsddapi.h
Examining data/gsoap-2.8.104/gsoap/plugin/smdevp.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsaapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/wstapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpposttest.h
Examining data/gsoap-2.8.104/gsoap/plugin/mq.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsseapi.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpda.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpgettest.h
Examining data/gsoap-2.8.104/gsoap/plugin/wsse2api.c
Examining data/gsoap-2.8.104/gsoap/plugin/httpda.h
Examining data/gsoap-2.8.104/gsoap/plugin/mecevp.h
Examining data/gsoap-2.8.104/gsoap/plugin/cacerts.h
Examining data/gsoap-2.8.104/gsoap/dom.c
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/tandem.c
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/tandemnw.c
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/client.c
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/calc.h
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/tandem.h
Examining data/gsoap-2.8.104/gsoap/TandemNonStop/server.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/init2.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/error2.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/error2.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/imports.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/gwsdl.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/bpel.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/soap.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsrmp.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wst.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsp.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsp.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wadl.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsam.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsu.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/soap.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/bpel.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/mime.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/mime.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wadl.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/includes.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/sp.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h
Parsing failed to find end of parameter list; semicolon terminated it in ((buf)
# endif
/* copy string (truncating the result, strings must not be NULL) */
#if _MSC_VER >= 1400
# define soap_strcpy(buf, len, src) (void)strncpy_s((buf), (len), (src), _TRUNCATE)
#elif defin
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/dime.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stlvector.h
Examining data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/http.h
Examining data/gsoap-2.8.104/gsoap/dom.cpp
Examining data/gsoap-2.8.104/gsoap/custom/duration.h
Examining data/gsoap-2.8.104/gsoap/custom/struct_tm.h
Examining data/gsoap-2.8.104/gsoap/custom/int128.h
Examining data/gsoap-2.8.104/gsoap/custom/float128.c
Examining data/gsoap-2.8.104/gsoap/custom/struct_tm_date.h
Examining data/gsoap-2.8.104/gsoap/custom/struct_tm.c
Examining data/gsoap-2.8.104/gsoap/custom/float128.h
Examining data/gsoap-2.8.104/gsoap/custom/qdatetime.h
Examining data/gsoap-2.8.104/gsoap/custom/qbytearray_hex.h
Examining data/gsoap-2.8.104/gsoap/custom/chrono_time_point.h
Examining data/gsoap-2.8.104/gsoap/custom/long_time.c
Examining data/gsoap-2.8.104/gsoap/custom/long_double.h
Examining data/gsoap-2.8.104/gsoap/custom/qbytearray_hex.cpp
Examining data/gsoap-2.8.104/gsoap/custom/qdate.cpp
Examining data/gsoap-2.8.104/gsoap/custom/struct_tm_date.c
Examining data/gsoap-2.8.104/gsoap/custom/long_time.h
Examining data/gsoap-2.8.104/gsoap/custom/qstring.cpp
Examining data/gsoap-2.8.104/gsoap/custom/chrono_duration.cpp
Examining data/gsoap-2.8.104/gsoap/custom/qtime.cpp
Examining data/gsoap-2.8.104/gsoap/custom/chrono_time_point.cpp
Examining data/gsoap-2.8.104/gsoap/custom/qbytearray_base64.h
Examining data/gsoap-2.8.104/gsoap/custom/qdatetime.cpp
Examining data/gsoap-2.8.104/gsoap/custom/int128.c
Examining data/gsoap-2.8.104/gsoap/custom/qstring.h
Examining data/gsoap-2.8.104/gsoap/custom/qbytearray_base64.cpp
Examining data/gsoap-2.8.104/gsoap/custom/struct_timeval.c
Examining data/gsoap-2.8.104/gsoap/custom/long_double.c
Examining data/gsoap-2.8.104/gsoap/custom/chrono_duration.h
Examining data/gsoap-2.8.104/gsoap/custom/duration.c
Examining data/gsoap-2.8.104/gsoap/custom/qdate.h
Examining data/gsoap-2.8.104/gsoap/custom/qtime.h
Examining data/gsoap-2.8.104/gsoap/custom/struct_timeval.h
Examining data/gsoap-2.8.104/gsoap/stdsoap2.c
Examining data/gsoap-2.8.104/gsoap/stdsoap2.cpp
Examining data/gsoap-2.8.104/gsoap/stdsoap2.h
Parsing failed to find end of parameter list; semicolon terminated it in ((buf)
# endif
/* copy string (truncating the result, strings must not be NULL) */
#if _MSC_VER >= 1400
# define soap_strcpy(buf, len, src) (void)strncpy_s((buf), (len), (src), _TRUNCATE)
#elif defin
Examining data/gsoap-2.8.104/gsoap/import/stllist.h
Examining data/gsoap-2.8.104/gsoap/import/ds2.h
Examining data/gsoap-2.8.104/gsoap/import/wstx2.h
Examining data/gsoap-2.8.104/gsoap/import/wst2.h
Examining data/gsoap-2.8.104/gsoap/import/wsse11.h
Examining data/gsoap-2.8.104/gsoap/import/stl.h
Examining data/gsoap-2.8.104/gsoap/import/wsdd5.h
Examining data/gsoap-2.8.104/gsoap/import/dom.h
Examining data/gsoap-2.8.104/gsoap/import/c14n.h
Examining data/gsoap-2.8.104/gsoap/import/wsrm.h
Examining data/gsoap-2.8.104/gsoap/import/xop.h
Examining data/gsoap-2.8.104/gsoap/import/wsrm4.h
Examining data/gsoap-2.8.104/gsoap/import/WS-example.c
Examining data/gsoap-2.8.104/gsoap/import/wst.h
Examining data/gsoap-2.8.104/gsoap/import/wsp_appliesto.h
Examining data/gsoap-2.8.104/gsoap/import/wsdd.h
Examining data/gsoap-2.8.104/gsoap/import/xmime5.h
Examining data/gsoap-2.8.104/gsoap/import/wsrx5.h
Examining data/gsoap-2.8.104/gsoap/import/ds.h
Examining data/gsoap-2.8.104/gsoap/import/xmime.h
Examining data/gsoap-2.8.104/gsoap/import/wsse.h
Examining data/gsoap-2.8.104/gsoap/import/wstx.h
Examining data/gsoap-2.8.104/gsoap/import/saml1.h
Examining data/gsoap-2.8.104/gsoap/import/wsc.h
Examining data/gsoap-2.8.104/gsoap/import/wsp.h
Examining data/gsoap-2.8.104/gsoap/import/xml.h
Examining data/gsoap-2.8.104/gsoap/import/wsrp.h
Examining data/gsoap-2.8.104/gsoap/import/wsdx.h
Examining data/gsoap-2.8.104/gsoap/import/wsa5.h
Examining data/gsoap-2.8.104/gsoap/import/WS-Header.h
Examining data/gsoap-2.8.104/gsoap/import/wsa3.h
Examining data/gsoap-2.8.104/gsoap/import/wsrm5.h
Examining data/gsoap-2.8.104/gsoap/import/soap12.h
Examining data/gsoap-2.8.104/gsoap/import/wsu.h
Examining data/gsoap-2.8.104/gsoap/import/WS-example.h
Examining data/gsoap-2.8.104/gsoap/import/wsdd10.h
Examining data/gsoap-2.8.104/gsoap/import/xenc.h
Examining data/gsoap-2.8.104/gsoap/import/wsa4.h
Examining data/gsoap-2.8.104/gsoap/import/xmlmime.h
Examining data/gsoap-2.8.104/gsoap/import/stlset.h
Examining data/gsoap-2.8.104/gsoap/import/xsd.h
Examining data/gsoap-2.8.104/gsoap/import/wsa.h
Examining data/gsoap-2.8.104/gsoap/import/stdstring.h
Examining data/gsoap-2.8.104/gsoap/import/xenc2.h
Examining data/gsoap-2.8.104/gsoap/import/ser.h
Examining data/gsoap-2.8.104/gsoap/import/plnk.h
Examining data/gsoap-2.8.104/gsoap/import/stldeque.h
Examining data/gsoap-2.8.104/gsoap/import/xlink.h
Examining data/gsoap-2.8.104/gsoap/import/wsc2.h
Examining data/gsoap-2.8.104/gsoap/import/vprop.h
Examining data/gsoap-2.8.104/gsoap/import/wsse2.h
Examining data/gsoap-2.8.104/gsoap/import/wsrx.h
Examining data/gsoap-2.8.104/gsoap/import/saml2.h
Examining data/gsoap-2.8.104/gsoap/import/xmlmime5.h
Examining data/gsoap-2.8.104/gsoap/import/ref.h
Examining data/gsoap-2.8.104/gsoap/import/stlvector.h
Examining data/gsoap-2.8.104/gsoap/import/xmime4.h
FINAL RESULTS:
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:1359:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(buf, s+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2425:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(yylval.s, yytext+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2440:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "identifier '%s' starts with or embeds '%3.3s' character sequence, which is exclusively reserved for and by the W3C XML standards (for enum constants: please ignore this warning)", yytext, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2451:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(yytext, SOAP_ULONG_FORMAT, &yylval.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2461:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(yytext, SOAP_XLONG_FORMAT, &yylval.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2533:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "gsoap schema directive without namespace: %s", yytext+i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2656:33: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, sp->URL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2658:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3055:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "unrecognized gsoap directive: %s", yytext+i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3073:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "unrecognized gsoap directive: %s", yytext);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3081:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "options directive: %s ignored in imported file(s)", yytext);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3176:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, yytext + k);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3259:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "#include \"%sH.h\"", fullname);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3269:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
imported = strcpy(s, fullname);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3276:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
prefix = strcpy(s, fullname);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3339:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(buf, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3348:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, SOAP_PATHCAT);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3350:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, file);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3356:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "Cannot open file \"%s\" to import: %s\nHint: use option -I<path> (for example -Igsoap" SOAP_PATHSEP "gsoap/import" SOAP_PATHSEP "gsoap/custom:.)", file, strerror(errno));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3367:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, file);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:147:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirpath, a);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:149:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirpath, argv[i]);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:153:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dirpath, SOAP_PATHCAT);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:260:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, importpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:261:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, SOAP_PATHSEP);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:262:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:382:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Cannot open file \"%s\" for reading: %s", argv[i], strerror(errno));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:397:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, importpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:398:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, SOAP_PATHSEP);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:399:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, defimportpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:1384:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2275:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "incomplete type in declaration of '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2423:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid typedef qualifier for '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2681:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2682:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2708:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid constructor function '%s' or missing return type", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2721:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid destructor function '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2732:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s2 + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2737:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2762:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "last output parameter of service operation function prototype '%s' is a pointer to a char which will only return one byte: use char** instead to return a string", (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2796:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "return type of service operation function prototype '%s' must be integer", (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2802:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "last output parameter of service operation function prototype '%s' is a return parameter and must be a pointer or reference, or use %s(..., void) for one-way sends", (yyvsp[-6].e)->sym->name, (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2850:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undefined '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2903:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP 1.2 does not support anonymous parameters '%s'", (yyvsp[-4].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3368:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous class will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3374:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3403:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in class '%s' declared at %s:%d", (yyvsp[-3].e)->sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3438:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' has incomplete type (if this class is not serializable then declare 'extern class %s')'", (yyvsp[-3].e)->sym->name, (yyvsp[-3].e)->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3466:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous struct will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3472:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3503:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in struct '%s' declared at %s:%d", (yyvsp[-3].e)->sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3534:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'struct '%s' redeclaration (line %d)", (yyvsp[0].sym)->name, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3553:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous union will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3559:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union or struct '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3590:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in union '%s' declared at line %d", (yyvsp[-3].e)->sym->name, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3621:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'union %s' redeclaration (line %d)", (yyvsp[0].sym)->name, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3640:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous enum will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3646:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3671:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous enum will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3677:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3767:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'enum %s' used where enum class is expected", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3789:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'enum class %s' used where enum is expected", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3832:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "unknown type '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3914:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undeclared '%s'", (yyvsp[-1].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3924:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "perhaps trying to use a template with an undefined type parameter '%s'?", (yyvsp[-1].sym)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:3998:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' already declared at %s:%d", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4036:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' already declared at %s:%d (redundant 'class' specifier here?)", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4076:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union '%s' already declared at %s:%d", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4103:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4125:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4148:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4173:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4645:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' has incomplete type (if this struct is not serializable then declare 'extern struct %s')", (yyvsp[0].rec).typ->id->name, (yyvsp[0].rec).typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4647:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' has incomplete type (if this class is not serializable then declare 'extern class %s')", (yyvsp[0].rec).typ->id->name, (yyvsp[0].rec).typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:5729:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "comparison '%s' not evaluated and considered true", op);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:5789:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undefined identifier '%s'", sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6015:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Value member missing in SOAP_ENV__Code declared at %s:%d", p1->filename, p1->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6020:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Value member of SOAP_ENV__Code is not a _QName type declared at %s:%d", p2->filename, p2->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6026:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Subcode member missing in SOAP_ENV__Code declared at %s:%d", p1->filename, p1->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6031:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Subcode member of SOAP_ENV__Code is not a SOAP_ENV__Subcode * type declared at %s:%d", p2->filename, p2->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6086:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Text member missing in SOAP_ENV__Reason declared at %s:%d", p4->filename, p4->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6091:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Text member of SOAP_ENV__Reason is not a char * type declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6144:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultcode member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6149:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultcode member of SOAP_ENV__Fault is not a _QName type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6155:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultstring member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6160:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultstring member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6166:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultdetail member of SOAP_ENV__Fault is not a SOAP_ENV__Detail * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6172:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Code member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6177:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Code member of SOAP_ENV__Fault is not a SOAP_ENV__Code * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6183:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Reason member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6188:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Reason member of SOAP_ENV__Fault is not a SOAP_ENV__Reason * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6194:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Node member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6199:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Node member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6205:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Role member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6210:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Role member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6216:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Detail member of SOAP_ENV__Fault is not a SOAP_ENV__Detail * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6285:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r, fun->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6341:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "service operation name clash: struct/class '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6362:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "parameter '%s' of service operation function '%s()' in %s:%d cannot be passed by reference: use a pointer instead", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6369:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "parameter '%s' of service operation function '%s()' in %s:%d cannot be declared const", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6375:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid parameter '%s' of service operation function '%s()' in %s:%d", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:389:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:435:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s_%d", base, idx);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:531:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Duplicate declaration of '%s' (already declared at line %d), changing conflicting identifier name to '%s_'", sym->name, p->lineno, sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:534:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:551:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Duplicate declaration of '%s' (already declared at line %d)", sym->name, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:860:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(source_date_epoch, SOAP_ULONG_FORMAT, &epoch) == 1 && epoch != 0)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:900:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(base, prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:906:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapMatlab, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:908:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapMatlab, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:909:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapMatlab, soapMatlab );
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:911:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapMatlabHdr, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:913:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapMatlabHdr, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:914:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapMatlabHdr, soapMatlabHdr);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:916:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapStub, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:918:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapStub, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:919:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapStub, soapStub);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:920:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapH, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:922:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapH, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:923:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapH, soapH);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:924:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapC, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:929:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapC, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:930:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapC, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:931:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapC, soapC);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:932:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapClient, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:934:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapClient, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:935:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapClient, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:936:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapClient, soapClient);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:937:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapServer, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:939:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapServer, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:940:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapServer, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:941:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapServer, soapServer);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:942:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapClientLib, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:944:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapClientLib, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:945:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapClientLib, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:946:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapClientLib, soapClientLib);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:947:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapServerLib, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:949:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapServerLib, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:950:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapServerLib, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:951:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapServerLib, soapServerLib);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:952:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapReadme, base);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:954:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapReadme, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:955:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapReadme, soapReadme);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1656:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has no content, requires members", c_type(typ), p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1771:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP-encoded array '%s' is specific to SOAP encoding only and not compliant with WS-I Basic Profile 1.0a", c_type(typ));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2032:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not an int or size_t type in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2037:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2045:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a void pointer member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2053:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a union member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2061:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer or union member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2105:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' cannot be assigned a default constructor because it is directly or indirectly used as a member of union '%s'", typ->id->name, ident(s));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2123:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "no constructor for '%s' to explicitly initialize the reference member '%s'", typ->id->name, p->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2299:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not an int or size_t type in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2304:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2312:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a void pointer member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2320:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a union member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2328:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer or union member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2400:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' cannot be assigned a default constructor because it is directly or indirectly used as a member of union '%s'", typ->id->name, ident(s));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2418:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "no constructor for '%s' to explicitly initialize the reference member '%s'", typ->id->name, p->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2511:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union '%s' contains attribute declarations", typ->id->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2749:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fheader, "%s\n\t%s = " SOAP_LONG_FORMAT, c, ident(q->sym->name), i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2766:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has no content, requires enum constants", c_type(p->info.typ), p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:2950:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "serializable typedef '%s' is not namespace qualified: schema definition for '%s' in WSDL file output may be invalid", p->sym->name, p->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3203:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name, buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3276:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s.xsd", tmpURI, ns_convert(ns->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3319:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.wsdl", dirpath, ns_cname(name, NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3321:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.wsdl", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3344:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapProxyH, "%s%s.h", prefix, name1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3345:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapProxyH, "%s%s", dirpath, soapProxyH);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3346:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapProxyC, "%s%s.cpp", prefix, name1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3347:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapProxyC, "%s%s", dirpath, soapProxyC);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3370:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapServiceH, "%s%s.h", prefix, name1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3371:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapServiceH, "%s%s", dirpath, soapServiceH);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3372:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapServiceC, "%s%s.cpp", prefix, name1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3373:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapServiceC, "%s%s", dirpath, soapServiceC);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3398:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%s.h", dirpath, prefix, ns_cname(name, "Proxy"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3403:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", prefix, ns_cname(name, "Proxy"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3411:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", dirpath, ns_cname(prefix, "Proxy"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3416:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.h", ns_cname(prefix, "Proxy"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3424:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%s.h", dirpath, prefix, ns_cname(name, "Object"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3429:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", prefix, ns_cname(name, "Object"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3437:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", dirpath, ns_cname(prefix, "Object"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3442:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.h", ns_cname(prefix, "Object"));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3452:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3454:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, ns_fname(name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3456:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, ns_fname(ns->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3467:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3469:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, ns_cname(name, NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3528:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapTester, prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3534:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapTester, dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3535:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapTester, soapTester);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3632:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.xsd", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3651:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3653:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3655:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%ssoap.nsmap", dirpath);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3705:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Cannot define method-header-part in WSDL: SOAP_ENV__Header \"%s\" member is not qualified", part);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4029:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "//gsoap %s method-fault %s %s directive does not refer to a member of struct SOAP_ENV__Detail: suggest to define struct SOAP_ENV__Detail with member %s", sp->ns, m->name, m->part, m->part);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4035:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "//gsoap %s method-fault %s %s directive does not refer to struct/class or typedef: should globablly define fault %s as type (typedef or struct/class)", sp->ns, m->name, m->part, m->part);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4302:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "operation '%s' is specific to SOAP encoding only and not compliant with WS-I Basic Profile 1.0a", p->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4513:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4530:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4538:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", xstring(e->info.val.s));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4559:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4561:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4585:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4624:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"" SOAP_LONG_FORMAT "\"", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4629:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%.17lG\"", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4641:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%s\"", a, ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4649:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%s\"", a, xstring(e->info.val.s));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:5752:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s::%s' of type '%s' at line %d has a type that does not correspond to the required unique type '%s' defined for root-level attribute '%s'", p->sym->name, q->sym->name, c_type(q->info.typ), q->lineno, c_type(e->info.typ), ns_convert(q->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:5770:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s::%s' of type '%s' at line %d has a type that does not correspond to the required unique type '%s' defined for root-level element '%s'", p->sym->name, q->sym->name, c_type(q->info.typ), q->lineno, c_type(e->info.typ), ns_convert(q->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:7208:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Option -A requires a SOAPAction specified for operation %s where none is defined", ident(method->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:8872:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n, "", p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:9097:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:9157:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:9315:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, q->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:9499:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n+1, "", q->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10011:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10013:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10108:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_ULONG_FORMAT, (ULONG64)p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10110:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_ULONG_FORMAT, (ULONG64)p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10378:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n+1, "", q->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10475:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10481:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strrchr(tmp, '.'), "_%s_req.xml", method);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10486:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strrchr(tmp, '.'), "_%s_res.xml", method);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10490:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(strrchr(tmp, '.')+1, method);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10661:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Option -A requires a SOAPAction specified for operation %s where none is defined", ident(method->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11248:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has multiple base types, including %s", c_type(p->info.typ), p->filename, p->lineno, c_type(q));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11727:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11730:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11755:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%s != " SOAP_LONG_FORMAT, buf, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11780:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%s != (%s)" SOAP_LONG_FORMAT, buf, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11878:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, namespaceid);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11886:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11900:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, namespaceid);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11908:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11910:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, n);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11993:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11998:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "Array%dOf%s", typ->width / ((Tnode*) typ->ref)->width, c_ident((Tnode*)typ->ref));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12000:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "ArrayOf%s", c_ident((Tnode*)typ->ref));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12006:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, res_remove(typ->id->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12008:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12186:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
t = strcpy(s, tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12266:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12281:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12308:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, n);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12310:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12363:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, suffix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12375:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12587:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12596:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12678:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12680:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, c_ident(typ));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12698:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12700:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, ns_convert(typ->id->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12830:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12838:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12846:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12860:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, c_type(((FNinfo*)typ->ref)->ret));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12866:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_storage(e->info.sto));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12869:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_type_id(e->info.typ, e->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12870:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_init(e));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12884:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12886:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12963:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%s" SOAP_LONG_FORMAT, a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12966:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "L", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12969:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "UL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12972:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "LL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12975:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "ULL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12979:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%g", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12982:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%gL", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12987:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%s(%s)" SOAP_LONG_FORMAT, a, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12989:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(%s)" SOAP_LONG_FORMAT "LL", a, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12993:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12995:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%sL\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12997:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(wchar_t*)L\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12999:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(char*)\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13001:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%sNULL", a);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13035:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13040:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13045:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13050:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13055:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13060:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13065:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13070:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13075:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13080:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13085:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13090:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13095:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13100:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13105:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13110:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13115:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13121:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13123:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13128:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13130:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13136:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13138:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13145:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13151:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13153:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13158:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13160:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13165:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+1, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13170:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+1, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13176:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+2, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13183:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13190:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, tempBuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13202:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13206:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_storage(e->info.sto));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13209:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_type_id(e->info.typ, e->sym->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13210:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_init(e));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13223:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, ident(typ->id->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13225:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13227:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13253:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, synonym);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13255:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13288:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13331:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17009:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + l, "%s%s->__size[%d]", i ? " * " : "", a, i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17559:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s' cannot be serialized as an XML attribute", name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17578:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s' cannot be serialized as an XML attribute", name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17648:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "((%s*)%s)", type, name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19755:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(soap_flag_%s > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19759:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || soap_flag_%s > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19786:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(!a->%s || a->%s->size() < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19790:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || !a->%s || a->%s->size() < " SOAP_LONG_FORMAT, ident(p->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19796:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s.size() < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19800:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s.size() < " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19820:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s.size() > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19824:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s.size() > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19834:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19838:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s < " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19845:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:19849:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20562:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(soap_flag_%s%d > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), i, p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20566:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || soap_flag_%s%d > " SOAP_LONG_FORMAT, ident(p->sym->name), i, p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20593:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(!a->%s::%s || a->%s::%s->size() < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20597:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || !a->%s::%s || a->%s::%s->size() < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20603:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s.size() < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20607:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s.size() < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20627:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s.size() > " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20631:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s.size() > " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20641:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20645:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20652:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s > " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:20656:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s > " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1840:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "namespace", urienc(definitions.soap, (*schema2)->targetNamespace));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1842:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "form", (*schema2)->elementFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1845:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "elementForm", (*schema2)->elementFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1846:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "attributeForm", (*schema2)->attributeFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2082:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*i), u), "namespace", u);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2109:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, *i), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2167:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*j), u), "namespace", u);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2232:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*k), u), "namespace", u);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2372:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, *i), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2379:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, NULL, (*j).first), types.aname(NULL, NULL, (*j).first));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2389:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2409:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "xsd__anyType", "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2411:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2418:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.wname(NULL, NULL, *i, LOOKUP), types.aname(NULL, NULL, *i));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2432:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, (*schema)->targetNamespace, (*simpleType).name), types.aname(NULL, (*schema)->targetNamespace, (*simpleType).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2444:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, (*schema)->targetNamespace, (*complexType).name), types.aname(NULL, (*schema)->targetNamespace, (*complexType).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2451:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2620:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "name", sv->name, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2622:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "type", sv->type, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2624:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "port", (*port), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2626:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "namespace", sv->URI, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2628:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "transport", sv->transport, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2800:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*header).second->URI), "namespace", (*header).second->URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2805:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "mustUnderstand", "// must be understood by receiver");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2812:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*header).second->part->elementPtr()->type), types.aname(NULL, NULL, (*header).second->part->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2814:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->element), types.aname(NULL, NULL, (*header).second->part->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2816:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->elementPtr()->name), (*header).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2822:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*header).second->part->type), types.aname(NULL, (*header).second->URI, (*header).second->part->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2834:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->element), (*header).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2836:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*header).first, (*header).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2843:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*headerfault).second->URI), "namespace", (*headerfault).second->URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2848:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "mustUnderstand", "// must be understood by receiver");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2855:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*headerfault).second->part->elementPtr()->type), types.aname(NULL, NULL, (*headerfault).second->part->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2857:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->element), types.aname(NULL, NULL, (*headerfault).second->part->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2859:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->elementPtr()->name), (*headerfault).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2865:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*headerfault).second->part->type), types.aname(NULL, (*headerfault).second->URI, (*headerfault).second->part->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2877:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->element), (*headerfault).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2879:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*headerfault).first, (*headerfault).first);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2891:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*fault).second->URI), "namespace", (*fault).second->URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2903:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2926:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, t, "__anyAttribute");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2963:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*part).elementPtr()->type), types.aname(NULL, (*fault).second->URI, (*part).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2965:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*part).element), types.aname(NULL, (*fault).second->URI, (*part).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2974:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*fault).second->URI), "namespace", (*fault).second->URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2976:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*part).type), types.aname(NULL, (*fault).second->URI, (*part).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2988:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*fault).first, types.aname(NULL, (*fault).second->URI, (*fault).second->message->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:2997:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", (*fault).second->URI, (*fault).second->element->name), (*fault).second->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3003:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "int", "__type");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3005:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "void", "fault");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3007:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3388:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*(*op2)->output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*(*op2)->output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3407:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*(*op2)->output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*(*op2)->output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3637:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3639:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3641:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3643:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3645:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3647:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3649:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3651:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3655:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3657:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3668:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3670:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3676:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3679:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3682:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3693:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3695:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3700:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3709:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3711:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3717:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3737:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3739:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3741:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3743:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3745:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3747:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3749:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3751:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3755:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3757:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3768:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3770:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3776:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3779:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3782:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3793:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3795:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3800:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3809:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3811:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3817:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3826:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*:" : "&:", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3828:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3849:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3851:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-mime-type", method_name, input->content->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3853:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3855:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3857:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3859:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3861:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, input->encodingStyle);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3863:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3869:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3871:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3873:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3876:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, output->URI), "namespace", output->URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3879:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-action", method_name, input->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3883:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3885:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3888:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3898:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3900:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3906:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3909:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3912:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3925:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, (*inputheader).namespace_, (*inputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3927:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3932:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3941:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, (*inputheader).namespace_, (*inputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3943:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3949:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputwheader).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3963:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3965:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3970:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3978:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3980:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:3986:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4003:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*:" : "&:", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4005:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4084:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " " : cflag ? "*" : "&", types.aname(NULL, nameURI, name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4090:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, typeURI, type), " ", types.aname(NULL, nameURI, name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4102:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, NULL, NULL, (*part).element), " ", types.aname(NULL, NULL, (*part).element), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4137:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " :" : cflag ? "*:" : "&:", types.aname(NULL, NULL, (*part).name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4139:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " " : cflag ? "*" : "&", types.aname(NULL, nameURI, (*part).name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4150:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeparaformat, "int", types.aname(NULL, NULL, (*part).name), ",");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4152:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, unqual ? "*:" : "*", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4156:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateparaformat, types.vname("$CONTAINER"), t, unqual ? " :" : " ", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4161:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, unqual ? " :" : " ", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4217:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, paraformat, t, flag ? " " : cflag ? "*" : "&", anonymous ? "" : types.aname(NULL, URI, name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4225:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, URI, type), " ", types.aname(NULL, URI, name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4247:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, URI, type), " ", types.aname(NULL, NULL, name), sep);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4554:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, (*i2).type), types.aname(NULL, NULL, (*i2).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4556:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, (*i2).element), types.aname(NULL, NULL, (*i2).name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1469:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF(buf, len, num) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1470:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF_SAFE(buf, len) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1473:90: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF(buf, len, num) (len) <= (num)) ? (void)((buf)[0] = '\0') : (void)sprintf((buf)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1474:45: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF_SAFE(buf, len) void)sprintf((buf)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1898:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define SOAP_MESSAGE fprintf
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1618:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1779:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1896:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1976:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, " " SOAP_LONG_FORMAT, to_integer(simpleType.restriction->minExclusive->value)+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2018:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, " : " SOAP_LONG_FORMAT, to_integer(simpleType.restriction->maxExclusive->value)-1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2040:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2107:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2181:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2210:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2280:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2304:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2325:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2475:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, baseURI, base), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2536:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, baseURI, base), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2911:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(with_union, false, NULL, NULL, "xs:any"), "__mixed");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2916:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, NULL, "xs:any"), "__mixed");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2929:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, tnamenoptr(NULL, NULL, *i), aname(NULL, NULL, *i, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2935:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, tnamenoptr(NULL, NULL, *i), aname(NULL, NULL, *i, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:2948:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3046:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, typeprefix, typeURI, type), aname(nameprefix, nameURI, name, &members)); // make sure no name - type clash
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3053:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, NULL, URI, type), aname(nameprefix, nameURI, name, &members)); // make sure no name - type clash
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3062:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attrtemplateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3068:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3070:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3072:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3079:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, "_", NULL, attribute.ref), aname(NULL, NULL, attribute.ref, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3085:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, NULL, NULL, type), aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3238:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), s + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3249:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3270:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3274:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}>", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3285:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3416:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3424:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3429:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3436:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3438:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3449:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, typeprefix, typeURI, type), aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3486:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3494:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3499:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3506:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3508:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3516:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, NULL, URI, type), aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3529:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3542:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3551:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3557:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3564:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3568:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3582:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3595:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3604:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3610:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3617:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3621:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3633:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, element.ref));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3638:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, pname(true, true, "_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3644:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), tname("_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3646:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), tname("_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3653:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, "_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3663:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3669:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3675:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3677:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3683:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3865:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3875:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3890:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, choiceformat, "int", r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3920:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s[0] == '_' && s[1] == '_' ? s+2 : s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3933:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, with_union ? pointerformat : elementformat, "}>", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3940:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3946:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3987:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3989:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3993:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3997:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3999:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4003:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(with_union, false, NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4022:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, t, "__anyAttribute");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4073:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, pURI, base), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4085:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, pURI, base), "__item");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4187:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayformat, "}", item ? aname(NULL, NULL, item) : "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4194:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayformat, s, item ? aname(NULL, NULL, item) : "");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4201:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arraysizeformat, "int", size);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4203:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayoffsetformat, "int", size);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4284:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4298:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, choiceformat, "int", r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4324:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s[0] == '_' && s[1] == '_' ? s+2 : s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4326:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", t[0] == '_' ? t+1 : t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4334:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4339:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3834:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%c" SOAP_ULONG_FORMAT, sep, i + 1);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3845:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%c" SOAP_ULONG_FORMAT, sep, p->num);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3863:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%c" SOAP_ULONG_FORMAT, sep, i + 1);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3872:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%c" SOAP_ULONG_FORMAT, sep, p->num);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3892:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%c" SOAP_ULONG_FORMAT ":" SOAP_ULONG_FORMAT, sep, r->lower, r->upper);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3444:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, ns->id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3444:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, ns->id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1469:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF(buf, len, num) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1470:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF_SAFE(buf, len) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1473:90: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF(buf, len, num) (len) <= (num)) ? (void)((buf)[0] = '\0') : (void)sprintf((buf)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1474:45: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF_SAFE(buf, len) void)sprintf((buf)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1898:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define SOAP_MESSAGE fprintf
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:310:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, TMPDIR);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:312:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, name);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:315:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(s, name);
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:144:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*r, buf);
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:466:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(file, TMPDIR);
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:470:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(file, keys->key[i]);
data/gsoap-2.8.104/gsoap/samples/ssl/ssl_setup.c:135:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(fname, F_OK) != -1)
data/gsoap-2.8.104/gsoap/samples/ssl/ssl_setup.cpp:135:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(fname, F_OK) != -1)
data/gsoap-2.8.104/gsoap/src/lex.yy.c:1359:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(buf, s+1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2425:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(yylval.s, yytext+1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2440:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "identifier '%s' starts with or embeds '%3.3s' character sequence, which is exclusively reserved for and by the W3C XML standards (for enum constants: please ignore this warning)", yytext, s);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2451:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(yytext, SOAP_ULONG_FORMAT, &yylval.i);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2461:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(yytext, SOAP_XLONG_FORMAT, &yylval.i);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2533:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "gsoap schema directive without namespace: %s", yytext+i);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2656:33: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, sp->URL);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2658:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3055:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "unrecognized gsoap directive: %s", yytext+i);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3073:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "unrecognized gsoap directive: %s", yytext);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3081:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "options directive: %s ignored in imported file(s)", yytext);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3176:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, yytext + k);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3259:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "#include \"%sH.h\"", fullname);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3269:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
imported = strcpy(s, fullname);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3276:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
prefix = strcpy(s, fullname);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3339:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy(buf, s);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3348:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, SOAP_PATHCAT);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3350:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, file);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3356:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf(errbuf, "Cannot open file \"%s\" to import: %s\nHint: use option -I<path> (for example -Igsoap" SOAP_PATHSEP "gsoap/import" SOAP_PATHSEP "gsoap/custom:.)", file, strerror(errno));
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3367:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, file);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:147:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirpath, a);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:149:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirpath, argv[i]);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:153:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dirpath, SOAP_PATHCAT);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:260:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, importpath);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:261:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, SOAP_PATHSEP);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:262:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:382:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Cannot open file \"%s\" for reading: %s", argv[i], strerror(errno));
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:397:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, importpath);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:398:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, SOAP_PATHSEP);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:399:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, defimportpath);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:1384:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2275:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "incomplete type in declaration of '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2423:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid typedef qualifier for '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2681:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s1);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2682:27: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s2);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2708:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid constructor function '%s' or missing return type", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2721:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid destructor function '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2732:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s2 + 1);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2737:31: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2762:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "last output parameter of service operation function prototype '%s' is a pointer to a char which will only return one byte: use char** instead to return a string", (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2796:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "return type of service operation function prototype '%s' must be integer", (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2802:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "last output parameter of service operation function prototype '%s' is a return parameter and must be a pointer or reference, or use %s(..., void) for one-way sends", (yyvsp[-6].e)->sym->name, (yyvsp[-6].e)->sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2850:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undefined '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2903:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP 1.2 does not support anonymous parameters '%s'", (yyvsp[-4].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3368:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous class will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3374:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3403:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in class '%s' declared at %s:%d", (yyvsp[-3].e)->sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3438:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' has incomplete type (if this class is not serializable then declare 'extern class %s')'", (yyvsp[-3].e)->sym->name, (yyvsp[-3].e)->sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3466:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous struct will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3472:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3503:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in struct '%s' declared at %s:%d", (yyvsp[-3].e)->sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3534:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'struct '%s' redeclaration (line %d)", (yyvsp[0].sym)->name, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3553:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous union will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3559:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union or struct '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3590:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "member name clash in union '%s' declared at line %d", (yyvsp[-3].e)->sym->name, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3621:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'union %s' redeclaration (line %d)", (yyvsp[0].sym)->name, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3640:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous enum will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3646:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3671:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "anonymous enum will be named '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3677:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3767:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'enum %s' used where enum class is expected", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3789:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "'enum class %s' used where enum is expected", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3832:29: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "unknown type '%s'", (yyvsp[0].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3914:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undeclared '%s'", (yyvsp[-1].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3924:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "perhaps trying to use a template with an undefined type parameter '%s'?", (yyvsp[-1].sym)->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:3998:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' already declared at %s:%d", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4036:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' already declared at %s:%d (redundant 'class' specifier here?)", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4076:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union '%s' already declared at %s:%d", (yyvsp[0].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4103:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4125:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4148:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4173:31: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "enum '%s' already declared at %s:%d", (yyvsp[-1].sym)->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4645:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' has incomplete type (if this struct is not serializable then declare 'extern struct %s')", (yyvsp[0].rec).typ->id->name, (yyvsp[0].rec).typ->id->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4647:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' has incomplete type (if this class is not serializable then declare 'extern class %s')", (yyvsp[0].rec).typ->id->name, (yyvsp[0].rec).typ->id->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:5729:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "comparison '%s' not evaluated and considered true", op);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:5789:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "undefined identifier '%s'", sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6015:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Value member missing in SOAP_ENV__Code declared at %s:%d", p1->filename, p1->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6020:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Value member of SOAP_ENV__Code is not a _QName type declared at %s:%d", p2->filename, p2->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6026:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Subcode member missing in SOAP_ENV__Code declared at %s:%d", p1->filename, p1->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6031:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Subcode member of SOAP_ENV__Code is not a SOAP_ENV__Subcode * type declared at %s:%d", p2->filename, p2->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6086:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Text member missing in SOAP_ENV__Reason declared at %s:%d", p4->filename, p4->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6091:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Text member of SOAP_ENV__Reason is not a char * type declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6144:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultcode member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6149:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultcode member of SOAP_ENV__Fault is not a _QName type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6155:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultstring member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6160:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultstring member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6166:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "faultdetail member of SOAP_ENV__Fault is not a SOAP_ENV__Detail * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6172:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Code member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6177:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Code member of SOAP_ENV__Fault is not a SOAP_ENV__Code * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6183:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Reason member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6188:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Reason member of SOAP_ENV__Fault is not a SOAP_ENV__Reason * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6194:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Node member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6199:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Node member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6205:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Role member missing in SOAP_ENV__Fault declared at %s:%d", p3->filename, p3->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6210:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Role member of SOAP_ENV__Fault is not a char * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6216:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP_ENV__Detail member of SOAP_ENV__Fault is not a SOAP_ENV__Detail * type declared at %s:%d", p5->filename, p5->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6285:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r, fun->sym->name);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6341:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "service operation name clash: struct/class '%s' already declared at %s:%d", sym->name, p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6362:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "parameter '%s' of service operation function '%s()' in %s:%d cannot be passed by reference: use a pointer instead", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6369:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "parameter '%s' of service operation function '%s()' in %s:%d cannot be declared const", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6375:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "invalid parameter '%s' of service operation function '%s()' in %s:%d", q->sym->name, sym->name, q->filename, q->lineno);
data/gsoap-2.8.104/gsoap/src/symbol2.c:389:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:435:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s_%d", base, idx);
data/gsoap-2.8.104/gsoap/src/symbol2.c:531:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Duplicate declaration of '%s' (already declared at line %d), changing conflicting identifier name to '%s_'", sym->name, p->lineno, sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:534:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:551:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Duplicate declaration of '%s' (already declared at line %d)", sym->name, p->lineno);
data/gsoap-2.8.104/gsoap/src/symbol2.c:860:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(source_date_epoch, SOAP_ULONG_FORMAT, &epoch) == 1 && epoch != 0)
data/gsoap-2.8.104/gsoap/src/symbol2.c:900:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(base, prefix);
data/gsoap-2.8.104/gsoap/src/symbol2.c:906:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapMatlab, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:908:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapMatlab, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:909:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapMatlab, soapMatlab );
data/gsoap-2.8.104/gsoap/src/symbol2.c:911:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapMatlabHdr, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:913:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapMatlabHdr, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:914:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapMatlabHdr, soapMatlabHdr);
data/gsoap-2.8.104/gsoap/src/symbol2.c:916:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapStub, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:918:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapStub, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:919:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapStub, soapStub);
data/gsoap-2.8.104/gsoap/src/symbol2.c:920:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapH, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:922:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapH, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:923:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapH, soapH);
data/gsoap-2.8.104/gsoap/src/symbol2.c:924:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapC, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:929:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapC, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:930:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapC, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:931:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapC, soapC);
data/gsoap-2.8.104/gsoap/src/symbol2.c:932:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapClient, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:934:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapClient, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:935:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapClient, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:936:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapClient, soapClient);
data/gsoap-2.8.104/gsoap/src/symbol2.c:937:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapServer, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:939:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapServer, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:940:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapServer, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:941:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapServer, soapServer);
data/gsoap-2.8.104/gsoap/src/symbol2.c:942:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapClientLib, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:944:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapClientLib, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:945:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapClientLib, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:946:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapClientLib, soapClientLib);
data/gsoap-2.8.104/gsoap/src/symbol2.c:947:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapServerLib, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:949:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(soapServerLib, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:950:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapServerLib, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:951:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapServerLib, soapServerLib);
data/gsoap-2.8.104/gsoap/src/symbol2.c:952:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapReadme, base);
data/gsoap-2.8.104/gsoap/src/symbol2.c:954:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapReadme, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:955:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapReadme, soapReadme);
data/gsoap-2.8.104/gsoap/src/symbol2.c:1656:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has no content, requires members", c_type(typ), p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/symbol2.c:1771:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "SOAP-encoded array '%s' is specific to SOAP encoding only and not compliant with WS-I Basic Profile 1.0a", c_type(typ));
data/gsoap-2.8.104/gsoap/src/symbol2.c:2032:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not an int or size_t type in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2037:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2045:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a void pointer member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2053:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a union member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2061:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer or union member field in struct '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2105:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "struct '%s' cannot be assigned a default constructor because it is directly or indirectly used as a member of union '%s'", typ->id->name, ident(s));
data/gsoap-2.8.104/gsoap/src/symbol2.c:2123:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "no constructor for '%s' to explicitly initialize the reference member '%s'", typ->id->name, p->sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2299:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not an int or size_t type in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2304:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2312:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a void pointer member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2320:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a union member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2328:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member field '%s' is not followed by a pointer or union member field in class '%s'", q->sym->name, typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2400:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "class '%s' cannot be assigned a default constructor because it is directly or indirectly used as a member of union '%s'", typ->id->name, ident(s));
data/gsoap-2.8.104/gsoap/src/symbol2.c:2418:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "no constructor for '%s' to explicitly initialize the reference member '%s'", typ->id->name, p->sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2511:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "union '%s' contains attribute declarations", typ->id->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2749:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fheader, "%s\n\t%s = " SOAP_LONG_FORMAT, c, ident(q->sym->name), i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2766:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has no content, requires enum constants", c_type(p->info.typ), p->filename, p->lineno);
data/gsoap-2.8.104/gsoap/src/symbol2.c:2950:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "serializable typedef '%s' is not namespace qualified: schema definition for '%s' in WSDL file output may be invalid", p->sym->name, p->sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3203:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name, buf);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3276:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s.xsd", tmpURI, ns_convert(ns->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3319:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.wsdl", dirpath, ns_cname(name, NULL));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3321:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.wsdl", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3344:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapProxyH, "%s%s.h", prefix, name1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3345:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapProxyH, "%s%s", dirpath, soapProxyH);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3346:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapProxyC, "%s%s.cpp", prefix, name1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3347:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapProxyC, "%s%s", dirpath, soapProxyC);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3370:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapServiceH, "%s%s.h", prefix, name1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3371:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapServiceH, "%s%s", dirpath, soapServiceH);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3372:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(soapServiceC, "%s%s.cpp", prefix, name1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3373:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathsoapServiceC, "%s%s", dirpath, soapServiceC);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3398:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%s.h", dirpath, prefix, ns_cname(name, "Proxy"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3403:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", prefix, ns_cname(name, "Proxy"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3411:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", dirpath, ns_cname(prefix, "Proxy"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3416:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.h", ns_cname(prefix, "Proxy"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3424:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%s.h", dirpath, prefix, ns_cname(name, "Object"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3429:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", prefix, ns_cname(name, "Object"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3437:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.h", dirpath, ns_cname(prefix, "Object"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3442:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.h", ns_cname(prefix, "Object"));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3452:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3454:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, ns_fname(name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3456:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, ns_fname(ns->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3467:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, prefix);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3469:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, ns_cname(name, NULL));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3528:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(soapTester, prefix);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3534:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathsoapTester, dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3535:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathsoapTester, soapTester);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3632:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.xsd", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3651:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, prefix);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3653:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s.nsmap", dirpath, ns_cname(ns->name, NULL));
data/gsoap-2.8.104/gsoap/src/symbol2.c:3655:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%ssoap.nsmap", dirpath);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3705:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Cannot define method-header-part in WSDL: SOAP_ENV__Header \"%s\" member is not qualified", part);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4029:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "//gsoap %s method-fault %s %s directive does not refer to a member of struct SOAP_ENV__Detail: suggest to define struct SOAP_ENV__Detail with member %s", sp->ns, m->name, m->part, m->part);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4035:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "//gsoap %s method-fault %s %s directive does not refer to struct/class or typedef: should globablly define fault %s as type (typedef or struct/class)", sp->ns, m->name, m->part, m->part);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4302:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "operation '%s' is specific to SOAP encoding only and not compliant with WS-I Basic Profile 1.0a", p->sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4513:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4530:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4538:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", xstring(e->info.val.s));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4559:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4561:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, SOAP_LONG_FORMAT, p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4585:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4624:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"" SOAP_LONG_FORMAT "\"", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4629:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%.17lG\"", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4641:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%s\"", a, ns_remove2(q->sym->name, c_ident(p)));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4649:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " %s=\"%s\"", a, xstring(e->info.val.s));
data/gsoap-2.8.104/gsoap/src/symbol2.c:5752:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s::%s' of type '%s' at line %d has a type that does not correspond to the required unique type '%s' defined for root-level attribute '%s'", p->sym->name, q->sym->name, c_type(q->info.typ), q->lineno, c_type(e->info.typ), ns_convert(q->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:5770:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s::%s' of type '%s' at line %d has a type that does not correspond to the required unique type '%s' defined for root-level element '%s'", p->sym->name, q->sym->name, c_type(q->info.typ), q->lineno, c_type(e->info.typ), ns_convert(q->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:7208:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Option -A requires a SOAPAction specified for operation %s where none is defined", ident(method->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:8872:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n, "", p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:9097:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:9157:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:9315:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, q->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:9499:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n+1, "", q->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10011:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:10013:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_LONG_FORMAT, p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:10108:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_ULONG_FORMAT, (ULONG64)p->imin + (p->incmin == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:10110:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, SOAP_ULONG_FORMAT, (ULONG64)p->imax - (p->incmax == False));
data/gsoap-2.8.104/gsoap/src/symbol2.c:10378:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%*s<!-- a repetition of " SOAP_LONG_FORMAT, n+1, "", q->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10475:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, buf);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10481:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strrchr(tmp, '.'), "_%s_req.xml", method);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10486:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(strrchr(tmp, '.'), "_%s_res.xml", method);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10490:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(strrchr(tmp, '.')+1, method);
data/gsoap-2.8.104/gsoap/src/symbol2.c:10661:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Option -A requires a SOAPAction specified for operation %s where none is defined", ident(method->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:11248:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "%s declared at %s:%d has multiple base types, including %s", c_type(p->info.typ), p->filename, p->lineno, c_type(q));
data/gsoap-2.8.104/gsoap/src/symbol2.c:11727:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, type);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11730:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11755:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%s != " SOAP_LONG_FORMAT, buf, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11780:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fd, "%s != (%s)" SOAP_LONG_FORMAT, buf, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11878:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, namespaceid);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11886:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11900:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, namespaceid);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11908:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11910:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, n);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11993:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11998:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "Array%dOf%s", typ->width / ((Tnode*) typ->ref)->width, c_ident((Tnode*)typ->ref));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12000:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "ArrayOf%s", c_ident((Tnode*)typ->ref));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12006:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, res_remove(typ->id->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12008:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12186:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
t = strcpy(s, tag);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12266:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12281:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12308:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, n);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12310:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12363:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, suffix);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12375:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, tag);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12587:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12596:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12678:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12680:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, c_ident(typ));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12698:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t, ns_convert(ns));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12700:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, ns_convert(typ->id->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12830:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12838:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12846:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12860:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, c_type(((FNinfo*)typ->ref)->ret));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12866:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_storage(e->info.sto));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12869:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_type_id(e->info.typ, e->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12870:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_init(e));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12884:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12886:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12963:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%s" SOAP_LONG_FORMAT, a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12966:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "L", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12969:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "UL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12972:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "LL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12975:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s" SOAP_LONG_FORMAT "ULL", a, e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12979:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%g", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12982:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%gL", a, e->info.val.r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12987:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, "%s(%s)" SOAP_LONG_FORMAT, a, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12989:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(%s)" SOAP_LONG_FORMAT "LL", a, c_type(p), e->info.val.i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12993:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12995:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%sL\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12997:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(wchar_t*)L\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12999:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s(char*)\"%s\"", a, cstring(e->info.val.s, 0));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13001:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%sNULL", a);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13035:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13040:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13045:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13050:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13055:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13060:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13065:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13070:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13075:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13080:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13085:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13090:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13095:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13100:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13105:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13110:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13115:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13121:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13123:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13128:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13130:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13136:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13138:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13145:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13151:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13153:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13158:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13160:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13165:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+1, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13170:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+1, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13176:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p+2, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13183:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13190:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, tempBuf);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13202:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13206:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_storage(e->info.sto));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13209:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_type_id(e->info.typ, e->sym->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13210:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, c_init(e));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13223:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, ident(typ->id->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13225:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, q);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13227:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13253:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, synonym);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13255:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, id);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13288:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13331:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17009:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + l, "%s%s->__size[%d]", i ? " * " : "", a, i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17559:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s' cannot be serialized as an XML attribute", name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17578:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errbuf, "Member '%s' cannot be serialized as an XML attribute", name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17648:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "((%s*)%s)", type, name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19755:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(soap_flag_%s > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19759:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || soap_flag_%s > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19786:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(!a->%s || a->%s->size() < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19790:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || !a->%s || a->%s->size() < " SOAP_LONG_FORMAT, ident(p->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19796:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s.size() < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19800:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s.size() < " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19820:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s.size() > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19824:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s.size() > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19834:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s < " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19838:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s < " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19845:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:19849:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s > " SOAP_LONG_FORMAT, ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20562:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(soap_flag_%s%d > " SOAP_LONG_FORMAT, strict_check(), ident(p->sym->name), i, p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20566:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || soap_flag_%s%d > " SOAP_LONG_FORMAT, ident(p->sym->name), i, p->info.maxOccurs - p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20593:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(!a->%s::%s || a->%s::%s->size() < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20597:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || !a->%s::%s || a->%s::%s->size() < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20603:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s.size() < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20607:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s.size() < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20627:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s.size() > " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20631:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s.size() > " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20641:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s < " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20645:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s < " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.minOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20652:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, "\n\t\tif (%s(a->%s::%s > " SOAP_LONG_FORMAT, strict_check(), ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/src/symbol2.c:20656:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fout, " || a->%s::%s > " SOAP_LONG_FORMAT, ident(t->sym->name), ident(p->sym->name), p->info.maxOccurs);
data/gsoap-2.8.104/gsoap/stdsoap2.h:1469:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF(buf, len, num) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/stdsoap2.h:1470:46: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define SOAP_SNPRINTF_SAFE(buf, len) void)snprintf((buf), (len)
data/gsoap-2.8.104/gsoap/stdsoap2.h:1473:90: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF(buf, len, num) (len) <= (num)) ? (void)((buf)[0] = '\0') : (void)sprintf((buf)
data/gsoap-2.8.104/gsoap/stdsoap2.h:1474:45: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SOAP_SNPRINTF_SAFE(buf, len) void)sprintf((buf)
data/gsoap-2.8.104/gsoap/stdsoap2.h:1898:24: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define SOAP_MESSAGE fprintf
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1840:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "namespace", urienc(definitions.soap, (*schema2)->targetNamespace));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1842:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "form", (*schema2)->elementFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1845:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "elementForm", (*schema2)->elementFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1846:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, t, "attributeForm", (*schema2)->attributeFormDefault == qualified ? "qualified" : "unqualified");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2082:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*i), u), "namespace", u);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2109:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, *i), "__item");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2167:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*j), u), "namespace", u);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2232:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(types.prefix(*k), u), "namespace", u);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2372:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, *i), "__item");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2379:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, NULL, (*j).first), types.aname(NULL, NULL, (*j).first));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2389:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2409:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "xsd__anyType", "__item");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2411:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", "__item");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2418:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.wname(NULL, NULL, *i, LOOKUP), types.aname(NULL, NULL, *i));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2432:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, (*schema)->targetNamespace, (*simpleType).name), types.aname(NULL, (*schema)->targetNamespace, (*simpleType).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2444:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, types.tnamenoptr(NULL, (*schema)->targetNamespace, (*complexType).name), types.aname(NULL, (*schema)->targetNamespace, (*complexType).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2451:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2620:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "name", sv->name, "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2622:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "type", sv->type, "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2624:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "port", (*port), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2626:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "namespace", sv->URI, "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2628:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, sv->prefix, "transport", sv->transport, "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2800:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*header).second->URI), "namespace", (*header).second->URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2805:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "mustUnderstand", "// must be understood by receiver");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2812:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*header).second->part->elementPtr()->type), types.aname(NULL, NULL, (*header).second->part->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2814:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->element), types.aname(NULL, NULL, (*header).second->part->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2816:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->elementPtr()->name), (*header).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2822:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*header).second->part->type), types.aname(NULL, (*header).second->URI, (*header).second->part->name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2834:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*header).second->part->element), (*header).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2836:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*header).first, (*header).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2843:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*headerfault).second->URI), "namespace", (*headerfault).second->URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2848:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "mustUnderstand", "// must be understood by receiver");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2855:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*headerfault).second->part->elementPtr()->type), types.aname(NULL, NULL, (*headerfault).second->part->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2857:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->element), types.aname(NULL, NULL, (*headerfault).second->part->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2859:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->elementPtr()->name), (*headerfault).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2865:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*headerfault).second->part->type), types.aname(NULL, (*headerfault).second->URI, (*headerfault).second->part->name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2877:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*headerfault).second->part->element), (*headerfault).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2879:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*headerfault).first, (*headerfault).first);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2891:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*fault).second->URI), "namespace", (*fault).second->URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2903:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2926:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, t, "__anyAttribute");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2963:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*part).elementPtr()->type), types.aname(NULL, (*fault).second->URI, (*part).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2965:19: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", NULL, (*part).element), types.aname(NULL, (*fault).second->URI, (*part).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2974:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, (*fault).second->URI), "namespace", (*fault).second->URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2976:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, NULL, NULL, (*part).type), types.aname(NULL, (*fault).second->URI, (*part).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2988:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, (*fault).first, types.aname(NULL, (*fault).second->URI, (*fault).second->message->name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:2997:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.pname(true, false, "_", (*fault).second->URI, (*fault).second->element->name), (*fault).second->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3003:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "int", "__type");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3005:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "void", "fault");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3007:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", "__any");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3388:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*(*op2)->output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*(*op2)->output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3407:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*(*op2)->output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*(*op2)->output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3637:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3639:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3641:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3643:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3645:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3647:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3649:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3651:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3655:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3657:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3668:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3670:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3676:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3679:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3682:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3693:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3695:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3700:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3709:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3711:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3717:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3737:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3739:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3741:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3743:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3745:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3747:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3749:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3751:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3755:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3757:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3768:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3770:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3776:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3779:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3782:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3793:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3795:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3800:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3809:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3811:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3817:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3826:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*:" : "&:", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3828:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3849:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-protocol", method_name, protocol);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3851:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-mime-type", method_name, input->content->type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3853:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "document");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3855:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-style", method_name, "rpc");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3857:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-mime-type", method_name, output->content->type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3859:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3861:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, input->encodingStyle);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3863:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3869:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, "literal");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3871:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, output->encodingStyle);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3873:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-response-encoding", method_name, "encoded");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3876:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, schemaformat, types.nsprefix(NULL, output->URI), "namespace", output->URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3879:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-action", method_name, input->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3883:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3885:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-action", method_name, "\"\"");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3888:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-action", method_name, output->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3898:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, NULL, (*part).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3900:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, types.aname(NULL, (*message)->URI, (*part).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3906:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3909:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault-action", method_name, (*message)->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3912:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-fault", method_name, (*message)->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3925:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, (*inputheader).namespace_, (*inputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3927:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3932:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3941:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, (*inputheader).namespace_, (*inputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3943:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3949:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-input-header-part", method_name, types.aname(NULL, NULL, (*inputwheader).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3963:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3965:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3970:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-mime-type", method_name, (*content).type);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3978:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, (*outputheader).namespace_, (*outputheader).part));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3980:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputheader).partPtr()->element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:3986:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, serviceformat, prefix, "method-output-header-part", method_name, types.aname(NULL, NULL, (*outputwheader).element));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4003:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*:" : "&:", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4005:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.tnamenoptr(NULL, NULL, (*output->message->part.begin()).type), cflag ? "*" : "&", types.aname(NULL, NULL, (*output->message->part.begin()).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4084:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " " : cflag ? "*" : "&", types.aname(NULL, nameURI, name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4090:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, typeURI, type), " ", types.aname(NULL, nameURI, name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4102:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, NULL, NULL, (*part).element), " ", types.aname(NULL, NULL, (*part).element), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4137:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " :" : cflag ? "*:" : "&:", types.aname(NULL, NULL, (*part).name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4139:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, flag ? " " : cflag ? "*" : "&", types.aname(NULL, nameURI, (*part).name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4150:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeparaformat, "int", types.aname(NULL, NULL, (*part).name), ",");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4152:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, unqual ? "*:" : "*", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4156:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateparaformat, types.vname("$CONTAINER"), t, unqual ? " :" : " ", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4161:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, t, unqual ? " :" : " ", types.aname(NULL, nameURI, (*part).name), "");
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4217:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, paraformat, t, flag ? " " : cflag ? "*" : "&", anonymous ? "" : types.aname(NULL, URI, name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4225:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, URI, type), " ", types.aname(NULL, URI, name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4247:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, anonymous ? anonformat : paraformat, types.pname(optional, false, prefix, URI, type), " ", types.aname(NULL, NULL, name), sep);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4554:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, (*i2).type), types.aname(NULL, NULL, (*i2).name));
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4556:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, types.tname(NULL, NULL, (*i2).element), types.aname(NULL, NULL, (*i2).name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1618:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1779:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1896:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1976:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, " " SOAP_LONG_FORMAT, to_integer(simpleType.restriction->minExclusive->value)+1);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2018:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, " : " SOAP_LONG_FORMAT, to_integer(simpleType.restriction->maxExclusive->value)-1);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2040:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2107:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2181:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2210:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2280:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, t, "__item;");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2304:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2325:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2475:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, baseURI, base), "__item");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2536:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, baseURI, base), "__item");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2911:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(with_union, false, NULL, NULL, "xs:any"), "__mixed");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2916:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, NULL, "xs:any"), "__mixed");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2929:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, tnamenoptr(NULL, NULL, *i), aname(NULL, NULL, *i, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2935:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, derivedformat, tnamenoptr(NULL, NULL, *i), aname(NULL, NULL, *i, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:2948:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "struct soap", soap_context);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3046:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, typeprefix, typeURI, type), aname(nameprefix, nameURI, name, &members)); // make sure no name - type clash
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3053:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, NULL, URI, type), aname(nameprefix, nameURI, name, &members)); // make sure no name - type clash
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3062:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attrtemplateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3068:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3070:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3072:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3079:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, "_", NULL, attribute.ref), aname(NULL, NULL, attribute.ref, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3085:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, pname(is_optional, true, NULL, NULL, type), aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3238:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), s + 1);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3249:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3270:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3274:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}>", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3285:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3416:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3424:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3429:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3436:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3438:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3449:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, typeprefix, typeURI, type), aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3486:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3494:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3499:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3506:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3508:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3516:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, NULL, URI, type), aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3529:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3542:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3551:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3557:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3564:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3568:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3582:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3595:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3604:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, r, "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3610:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3617:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3621:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, s, aname(nameprefix, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3633:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, element.ref));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3638:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, pname(true, true, "_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3644:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), tname("_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3646:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), tname("_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3653:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(nillable, !with_union, "_", NULL, element.ref), aname(nameprefix, nameURI, element.ref, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3663:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), aname(NULL, NULL, name));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3669:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3675:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3677:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3683:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "_XML", aname(NULL, nameURI, name, &members));
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3865:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat_open, vname("$CONTAINER"), "\n");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3875:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3890:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, choiceformat, "int", r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3920:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s[0] == '_' && s[1] == '_' ? s+2 : s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3933:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, with_union ? pointerformat : elementformat, "}>", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3940:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3946:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3987:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3989:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3993:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3997:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointertemplateformat, vname("$CONTAINER"), tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3999:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, templateformat, vname("$CONTAINER"), tname(NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4003:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, pname(with_union, false, NULL, NULL, "xs:any"), "__any");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4022:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, attributeformat, t, "__anyAttribute");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4073:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, pURI, base), "__item");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4085:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, tname(NULL, pURI, base), "__item");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4187:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayformat, "}", item ? aname(NULL, NULL, item) : "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4194:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayformat, s, item ? aname(NULL, NULL, item) : "");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4201:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arraysizeformat, "int", size);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4203:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, arrayoffsetformat, "int", size);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4284:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, sizeformat, vname("$SIZE"), r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4298:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, choiceformat, "int", r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4324:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s[0] == '_' && s[1] == '_' ? s+2 : s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4326:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", t[0] == '_' ? t+1 : t);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4334:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, pointerformat, "}", s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4339:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stream, elementformat, "}", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:856:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
source_date_epoch = getenv("SOURCE_DATE_EPOCH");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4150:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned long)time(NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4152:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)time(NULL));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4157:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long r = random(); /* we actually do no use random() anywhere, except to further seed the OpenSSL PRNG */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9436:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("HTTP_COOKIE");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:3115:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define soap_random (int)random()
data/gsoap-2.8.104/gsoap/plugin/threads.c:86:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&cv->waiters_count_lock_);
data/gsoap-2.8.104/gsoap/plugin/threads.c:109:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&cv->waiters_count_lock_);
data/gsoap-2.8.104/gsoap/plugin/threads.c:126:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&cv->waiters_count_lock_);
data/gsoap-2.8.104/gsoap/plugin/threads.c:136:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&cv->waiters_count_lock_);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4150:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned long)time(NULL));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4152:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)time(NULL));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4157:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long r = random(); /* we actually do no use random() anywhere, except to further seed the OpenSSL PRNG */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9436:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("HTTP_COOKIE");
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:3115:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define soap_random (int)random()
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:136:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *s = getenv("TMPDIR");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:252:14: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
{ name = tempnam(TMPDIR, "data");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:396:16: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
char *name = tempnam(TMPDIR, "data");
data/gsoap-2.8.104/gsoap/samples/magic/magic.cpp:56:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ char *s = getenv("QUERY_STRING");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:133:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ const char *tmp = getenv("TMPDIR");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:520:10: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
file = tempnam(TMPDIR, "data");
data/gsoap-2.8.104/gsoap/samples/roll/rollserver.cpp:3:88: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int main() { return soap_serve(soap_new()); } int r__roll(struct soap *soap, int &r) { srand(time(0)); r = rand()%6+1; return SOAP_OK; }
data/gsoap-2.8.104/gsoap/samples/router/router.c:324:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ char *s = getenv("REQUEST_METHOD");
data/gsoap-2.8.104/gsoap/samples/router/router.c:328:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ s = getenv("Content-Length");
data/gsoap-2.8.104/gsoap/samples/router/router.c:332:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
service_action = getenv("HTTP_SOAPAction");
data/gsoap-2.8.104/gsoap/samples/router/router.c:334:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
service_action = getenv("QUERY_STRING");
data/gsoap-2.8.104/gsoap/samples/rss/rss.c:101:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
{ char *query = getenv("QUERY_STRING"); /* CGI app: get query string */
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:183:25: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return (unsigned long)random();
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:883:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(seed);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:884:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
seed = random();
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:886:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((int)seed);
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:350:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
user = getenv("USER");
data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c:80:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
user = getenv("USER");
data/gsoap-2.8.104/gsoap/src/symbol2.c:856:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
source_date_epoch = getenv("SOURCE_DATE_EPOCH");
data/gsoap-2.8.104/gsoap/stdsoap2.c:4150:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned long)time(NULL));
data/gsoap-2.8.104/gsoap/stdsoap2.c:4152:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)time(NULL));
data/gsoap-2.8.104/gsoap/stdsoap2.c:4157:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long r = random(); /* we actually do no use random() anywhere, except to further seed the OpenSSL PRNG */
data/gsoap-2.8.104/gsoap/stdsoap2.c:9436:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("HTTP_COOKIE");
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4150:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned long)time(NULL));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4152:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)time(NULL));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4157:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long r = random(); /* we actually do no use random() anywhere, except to further seed the OpenSSL PRNG */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9436:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("HTTP_COOKIE");
data/gsoap-2.8.104/gsoap/stdsoap2.h:3115:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define soap_random (int)random()
data/gsoap-2.8.104/gsoap/TandemNonStop/server.c:56:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m = soap_bind(&soap, NULL, atoi(argv[2]), 100);
data/gsoap-2.8.104/gsoap/TandemNonStop/server.c:97:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "<error xmlns=\"http://tempuri.org/\">Can't divide %f by %f</error>", a, b);
data/gsoap-2.8.104/gsoap/TandemNonStop/server.c:107:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "Can't take the power of %f to %f", a, b);
data/gsoap-2.8.104/gsoap/TandemNonStop/server.c:108:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "<error xmlns=\"http://tempuri.org/\">Can't take power of %f to %f</error>", a, b);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/error2.c:53:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[2048]; /* to hold error messages */
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:741:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yytext[YYLMAX];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:806:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static struct importlist { struct importlist *next; char name[1]; } *importlist = NULL;
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:807:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *fnstk[MAX_IMPORT_DEPTH];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:809:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *imstk[MAX_IMPORT_DEPTH];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:1354:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char *s, *t, buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:1377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char *s, buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3303:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3324:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(yyin = fopen(file, "r")))
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3351:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
yyin = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirpath[1024]; /* directory path for generated source files */
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:380:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!(yyin = fopen(argv[i], "r")))
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.h:242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* the actual string value flows into the allocated region id[0...] below this struct */
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.h:489:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dirpath[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:1633:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:1822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2680:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "operator ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:4611:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "char[" SOAP_LONG_FORMAT "] will be serialized as an array of " SOAP_LONG_FORMAT " bytes: use soapcpp2 option -b to enable char[] string serialization or use char* for strings", (yyvsp[-2].rec).val.i, (yyvsp[-2].rec).val.i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6286:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(r, "Response");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:84:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapStub[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:85:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapH[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapC[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapClient[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServer[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:89:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapClientLib[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:90:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServerLib[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:91:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapReadme[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapProxyH[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:93:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapProxyC[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:94:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServiceH[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:95:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServiceC[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:96:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapTester[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:97:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapMatlab[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:98:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapMatlabHdr[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:100:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapTester[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:101:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapStub[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:102:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapH[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:103:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapC[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:104:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapClient[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:105:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServer[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:106:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapClientLib[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:107:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServerLib[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:108:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapReadme[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:109:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapProxyH[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:110:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapProxyC[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:111:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServiceH[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:112:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServiceC[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:113:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapMatlab[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:114:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapMatlabHdr[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:433:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:853:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:878:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:907:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapMatlab, "Matlab.c");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:912:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapMatlabHdr, "Matlab.h");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:917:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapStub, "Stub.h");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:921:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapH, "H.h");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:926:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapC, "C_nnn");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:933:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapClient, "Client");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:938:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapServer, "Server");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:943:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapClientLib, "ClientLib");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:948:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapServerLib, "ServerLib");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:953:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapReadme, "Readme.md");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:960:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fmatlab = fopen(pathsoapMatlab, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:966:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fmheader = fopen(pathsoapMatlabHdr, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:976:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
freport = fopen(pathsoapReadme, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:982:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fheader = fopen(pathsoapStub, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1000:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fhead = fopen(pathsoapH, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1036:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fclient = fopen(pathsoapClient, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1051:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flib = fopen(pathsoapClientLib, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1077:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fserver = fopen(pathsoapServer, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1092:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flib = fopen(pathsoapServerLib, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1147:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t-3, "%03d", filenum);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1157:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(pathsoapC, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:1634:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3213:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "xsd");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3217:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "xsi");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3221:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "SOAP-ENC");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3225:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "SOAP-ENV");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3325:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3349:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapProxyH, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3359:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapProxyC, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3375:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapServiceH, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3385:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapServiceC, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3400:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3413:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3426:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3439:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3471:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3529:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, "Tester");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3531:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, ".c");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3533:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, ".cpp");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3537:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapTester, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3634:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3657:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4493:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4518:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", e->info.val.r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4569:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmin * (1 + (p->incmin == False)/1000));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4571:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmax * (1 - (p->incmax == False)/1000));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4573:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmin * (1 - (p->incmin == False)/1000));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4575:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmax * (1 + (p->incmax == False)/1000));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4599:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4983:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[4];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:8837:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:9659:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10203:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10473:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10477:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "REST.");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10493:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, ".req.xml");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10498:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, ".res.xml");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10502:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(tmp, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11374:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t + (s - p->id->name) + 2, "make_shared");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11722:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "(*a->");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11724:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "a->");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11728:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "::");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11877:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_TYPE_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11884:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_TYPE_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11899:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_UNION_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11906:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_UNION_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11992:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "PointerTo");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12007:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "TemplateOf");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12108:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12119:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12149:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12160:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12589:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, "ArrayOf");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12594:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "ArrayOf");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12599:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t+strlen(t), "%dD", d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12829:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "struct ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12837:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "union ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12845:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "enum ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12873:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "void");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12875:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12887:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "> ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12899:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12902:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "mutable ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12904:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "inline ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12906:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "friend ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12908:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "virtual ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12910:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "typedef ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12912:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "explicit ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12914:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "static ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12916:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "register ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12918:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "auto ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12920:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "const ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12922:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "const ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12945:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[8196];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13022:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuf[10];
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13034:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "void ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13039:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "char ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13044:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "wchar_t ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13049:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "short ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13054:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "int ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13059:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "long ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13064:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "LONG64 ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13069:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "float ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13074:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "double ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13079:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "long double ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13084:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned char ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13089:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned short ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13094:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned int ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13099:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned long ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13104:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "ULONG64 ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13109:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "size_t ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13114:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "time_t ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13120:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "struct ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13135:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "union ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13144:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "bool ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13150:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "enum ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13189:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempBuf, "[%d]", (typ->width / ((Tnode*) typ->ref)->width));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13213:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "void");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13215:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13226:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "> ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13293:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13336:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21490:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "\\%03o", (unsigned int)(unsigned char)*s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21526:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "&#%.2x;", (unsigned char)*s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21531:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "<");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21536:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, ">");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21541:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "&");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21546:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, """);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:21551:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "\\\\");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/includes.h:134:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *infile[MAXINFILES], *outfile, *proxy_host, *proxy_userid, *proxy_passwd, *auth_userid, *auth_passwd;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:479:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(loc, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:501:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:517:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:532:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:325:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env1[42] = "http://schemas.xmlsoap.org/soap/envelope/";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:326:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc1[42] = "http://schemas.xmlsoap.org/soap/encoding/";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:327:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env2[40] = "http://www.w3.org/2003/05/soap-envelope";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:328:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc2[40] = "http://www.w3.org/2003/05/soap-encoding";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_rpc[35] = "http://www.w3.org/2003/05/soap-rpc";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:332:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64o[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:333:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64i[81] = "\76XXX\77\64\65\66\67\70\71\72\73\74\75XXXXXXX\00\01\02\03\04\05\06\07\10\11\12\13\14\15\16\17\20\21\22\23\24\25\26\27\30\31XXXXXX\32\33\34\35\36\37\40\41\42\43\44\45\46\47\50\51\52\53\54\55\56\57\60\61\62\63";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:336:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_indent[21] = "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:346:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_padding[4] = "\0\0\0";
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[24];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[17];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1604:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1895:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:2085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:2159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[24];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:2305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[2 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:2471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[4 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3977:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dparams_buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3978:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(dhfile, "r");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4147:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priority[80];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7065:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[16];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[SOAP_HDRLEN], *s;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char http[32];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[3];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9435:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[4096], val[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:11604:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->fdebug[i] = fopen(soap->logfile[i], i < 2 ? "ab" : "a");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX > 8 ? MB_LEN_MAX : 8];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19195:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19386:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[sizeof(soap->host)];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21409:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (soap->fopen && *soap->host)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21429:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->socket = soap->fopen(soap, endpoint, soap->host, soap->port);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1513:77: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define soap_memcpy(buf, len, src, num) ((size_t)(len) >= (size_t)(num) ? !memcpy((buf), (src), (num)) : SOAP_ERANGE)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2015:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual string value flows into the allocated region id[0...] below this struct */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2086:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* the actual name string flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2748:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SOAP_SOCKET (*fopen)(struct soap*, const char*, const char*, int);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2819:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SOAP_BUFLEN];/* send and receive buffer */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2820:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers and short messages, must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2821:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers, simpleType values, element and attribute tag names, and DIME must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2824:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char href[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2825:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2826:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayType[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2827:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraySize[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2828:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayOffset[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2845:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2846:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2847:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2885:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *logfile[SOAP_MAXLOGS];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:2956:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:3024:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual id string value flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], xsd[4096], def[4096], use[4096], ptr[4096], uri[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:183:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:187:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:225:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(outfile, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:733:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *t;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1815:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[16];
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:271:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(loc, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:293:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:309:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:324:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *infile[MAXINFILES],
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp:632:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(outfile, "w");
data/gsoap-2.8.104/gsoap/custom/duration.c:183:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/gsoap-2.8.104/gsoap/custom/struct_timeval.c:155:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4018:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4025:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4032:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SOAP_BUFLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4197:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[SOAP_TMPLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[SOAP_TMPLEN];
data/gsoap-2.8.104/gsoap/doc/guide/stdsoap2.h:4495:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SOAP_SOCKET (*fopen)(struct soap *soap, const char *endpoint, const char *host, int port);
data/gsoap-2.8.104/gsoap/ios_plugin/gsoapios.h:154:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SOAP_SOCKET (*fopen)(struct soap*, const char*, const char*, int);
data/gsoap-2.8.104/gsoap/plugin/cacerts.c:118:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/gsoap-2.8.104/gsoap/plugin/curlapi.h:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CURL_ERROR_SIZE];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:534:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void http_da_calc_nonce(struct soap *soap, char nonce[HTTP_DA_NONCELEN]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:535:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void http_da_calc_opaque(struct soap *soap, char opaque[HTTP_DA_OPAQUELEN]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:86: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:103: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:123: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:142: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:162: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:181: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:536:195: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:91: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:102: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:125: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:144: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:164: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:184: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:201: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:221: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:232: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:254: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:537:273: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32]);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:736:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA1hex[65], entityHAhex[65], response[65], responseHA[32];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:737:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cnonce[HTTP_DA_NONCELEN];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:738:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ncount[9];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:827:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[HTTP_DA_NONCELEN];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:828:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opaque[HTTP_DA_OPAQUELEN];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1368:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA1hex[65], entityHAhex[65], response[65], responseHA[32];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1535:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_nonce(struct soap *soap, char nonce[HTTP_DA_NONCELEN])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1545:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_opaque(struct soap *soap, char opaque[HTTP_DA_OPAQUELEN])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:75: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:92: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:112: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:131: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:151: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:170: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1558:184: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_HA1(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, const char *userid, const char *realm, const char *passwd, const char *nonce, const char *cnonce, char HA1hex[65])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1562:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA1[32];
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:80: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:91: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:114: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:133: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:153: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:173: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:190: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:210: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:221: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:243: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1606:262: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
http_da_calc_response(struct soap *soap, struct soap_smd_data *smd_data, const char *alg, char HA1hex[65], const char *nonce, const char *ncount, const char *cnonce, const char *qop, const char *method, const char *uri, char entityHAhex[65], char response[65], char responseHA[32])
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1610:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA2[32], HA2hex[65];
data/gsoap-2.8.104/gsoap/plugin/httpda.h:108:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest[32]; /**< entity body digest */
data/gsoap-2.8.104/gsoap/plugin/httpda.h:116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[32]; /**< server-side: client's response digest key */
data/gsoap-2.8.104/gsoap/plugin/httpdatest.c:81:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (argc < 3 && (port = atoi(argv[1])))
data/gsoap-2.8.104/gsoap/plugin/httpmd5.c:85:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char http_md5_id[18] = HTTP_MD5_ID;
data/gsoap-2.8.104/gsoap/plugin/httpmd5.c:149:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf64[25]; /* 24 base64 chars + '\0' */
data/gsoap-2.8.104/gsoap/plugin/httpmd5.c:228:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest[16];
data/gsoap-2.8.104/gsoap/plugin/httpmd5.h:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest[16];
data/gsoap-2.8.104/gsoap/plugin/httppipe.h:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SOAP_BUFLEN];
data/gsoap-2.8.104/gsoap/plugin/httppost.c:248:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_HDRLEN];
data/gsoap-2.8.104/gsoap/plugin/md5evp.c:57:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[EVP_MAX_MD_SIZE];
data/gsoap-2.8.104/gsoap/plugin/mecevp.c:607:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[EVP_MAX_IV_LENGTH];
data/gsoap-2.8.104/gsoap/plugin/mecevp.h:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[16]; /**< GCM authentication tag buffer */
data/gsoap-2.8.104/gsoap/plugin/mecevp.h:201:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ekey[EVP_MAX_KEY_LENGTH];/**< ephemeral key */
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1366:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char soap_wsrm_idname[40] = "";
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:64:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_wsse_id[14] = SOAP_WSSE_ID;
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[SOAP_SMD_SHA1_SIZE]; /**< SHA1 digest */
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:132:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[1]; /**< Nonce string flows into region below this struct */
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:143:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:145:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:145:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:145:104: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:145:120: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:146:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_nonce(struct soap *soap, char nonce[SOAP_WSSE_NONCELEN]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:425:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA1_SIZE], HABase64[29];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:426:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[SOAP_WSSE_NONCELEN], *nonceBase64;
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:517:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char HA1[SOAP_SMD_SHA1_SIZE], HA2[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:632:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(filename, "r")))
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:778:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1307:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1351:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1351:93: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1377:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ unsigned char HA[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2007:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2341:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce)
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2428:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2428:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2428:92: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2428:108: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2451:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_nonce(struct soap *soap, char nonce[SOAP_WSSE_NONCELEN])
data/gsoap-2.8.104/gsoap/plugin/wsse2api.h:127:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SOAP_SMD_MAX_SIZE];/**< Digest hash value */
data/gsoap-2.8.104/gsoap/plugin/wsse2api.h:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /**< String flows down the struct */
data/gsoap-2.8.104/gsoap/plugin/wsse2api.h:200:78: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.h:200:97: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2310:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_wsse_id[14] = SOAP_WSSE_ID;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[SOAP_SMD_SHA1_SIZE]; /**< SHA1 digest */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2406:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[1]; /**< Nonce string flows into region below this struct */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2423:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2425:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2425:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2425:104: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2425:120: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2813:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA1_SIZE], HABase64[29];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2814:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[SOAP_WSSE_NONCELEN], *nonceBase64;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2930:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA1[SOAP_SMD_SHA1_SIZE], HA2[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3062:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "r");
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4183:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4183:93: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char HA[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5164:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5844:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce)
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5940:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5940:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5940:92: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5940:108: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6013:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_MD5_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6014:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_MD5_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6048:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6049:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6083:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA256_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6084:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_SHA256_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2310:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_wsse_id[14] = SOAP_WSSE_ID;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[SOAP_SMD_SHA1_SIZE]; /**< SHA1 digest */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2406:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[1]; /**< Nonce string flows into region below this struct */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2423:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2425:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2425:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2425:104: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2425:120: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2813:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA1_SIZE], HABase64[29];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2814:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[SOAP_WSSE_NONCELEN], *nonceBase64;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2930:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA1[SOAP_SMD_SHA1_SIZE], HA2[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3062:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "r");
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4183:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4183:93: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char HA[SOAP_SMD_MAX_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5164:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5844:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
soap_wsse_session_verify(struct soap *soap, const char hash[SOAP_SMD_SHA1_SIZE], const char *created, const char *nonce)
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5940:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5940:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5940:92: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5940:108: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
calc_digest(struct soap *soap, const char *created, const char *nonce, int noncelen, const char *password, char hash[SOAP_SMD_SHA1_SIZE])
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6013:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_MD5_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6014:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_MD5_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6048:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6049:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_SHA1_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6083:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[SOAP_SMD_SHA256_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6084:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[SOAP_SMD_SHA256_SIZE];
data/gsoap-2.8.104/gsoap/plugin/wsseapi.h:128:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SOAP_SMD_MAX_SIZE];/**< Digest hash value */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.h:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /**< String flows down the struct */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.h:209:100: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SOAP_FMAC1 int SOAP_FMAC2 soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.h:209:119: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SOAP_FMAC1 int SOAP_FMAC2 soap_wsse_verify_digest(struct soap *soap, int alg, int canonical, const char *id, unsigned char hash[SOAP_SMD_MAX_SIZE]);
data/gsoap-2.8.104/gsoap/plugin/wstapi.c:579:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HA[16];
data/gsoap-2.8.104/gsoap/samples/calc++/calcserver.cpp:49:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/calc/calcserver.c:52:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m = soap_bind(&soap, NULL, atoi(argv[1]), 1);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:325:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env1[42] = "http://schemas.xmlsoap.org/soap/envelope/";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:326:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc1[42] = "http://schemas.xmlsoap.org/soap/encoding/";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:327:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env2[40] = "http://www.w3.org/2003/05/soap-envelope";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:328:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc2[40] = "http://www.w3.org/2003/05/soap-encoding";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_rpc[35] = "http://www.w3.org/2003/05/soap-rpc";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:332:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64o[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:333:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64i[81] = "\76XXX\77\64\65\66\67\70\71\72\73\74\75XXXXXXX\00\01\02\03\04\05\06\07\10\11\12\13\14\15\16\17\20\21\22\23\24\25\26\27\30\31XXXXXX\32\33\34\35\36\37\40\41\42\43\44\45\46\47\50\51\52\53\54\55\56\57\60\61\62\63";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:336:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_indent[21] = "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:346:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_padding[4] = "\0\0\0";
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[24];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[17];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1604:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1895:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:2085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:2159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[24];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:2305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[2 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:2471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[4 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3977:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dparams_buf[1024];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3978:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(dhfile, "r");
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4147:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priority[80];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7065:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[16];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[SOAP_HDRLEN], *s;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char http[32];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[3];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9435:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[4096], val[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:11604:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->fdebug[i] = fopen(soap->logfile[i], i < 2 ? "ab" : "a");
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX > 8 ? MB_LEN_MAX : 8];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19195:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19386:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[sizeof(soap->host)];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21409:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (soap->fopen && *soap->host)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21429:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->socket = soap->fopen(soap, endpoint, soap->host, soap->port);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1513:77: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define soap_memcpy(buf, len, src, num) ((size_t)(len) >= (size_t)(num) ? !memcpy((buf), (src), (num)) : SOAP_ERANGE)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2015:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual string value flows into the allocated region id[0...] below this struct */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2086:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* the actual name string flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2748:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SOAP_SOCKET (*fopen)(struct soap*, const char*, const char*, int);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2819:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SOAP_BUFLEN];/* send and receive buffer */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2820:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers and short messages, must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2821:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers, simpleType values, element and attribute tag names, and DIME must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2824:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char href[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2825:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2826:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayType[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2827:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraySize[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2828:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayOffset[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2845:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2846:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2847:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2885:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *logfile[SOAP_MAXLOGS];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:2956:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:3024:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual id string value flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/samples/databinding/address.cpp:92:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs.open("address.xml", std::ios::in);
data/gsoap-2.8.104/gsoap/samples/databinding/address.cpp:178:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs.open("address.xml", std::ios::out);
data/gsoap-2.8.104/gsoap/samples/databinding/address.cpp:205:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[80];
data/gsoap-2.8.104/gsoap/samples/dime/dimeclient.cpp:228:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(name, "wb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeclient.cpp:256:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen((char*)handle, "rb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeclient.cpp:281:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle = fopen(name, "wb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:172:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:313:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(s, "rb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:316:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(s, "rb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:350:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(name, "wb");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:400:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle->fd = fopen(handle->name, "wb");
data/gsoap-2.8.104/gsoap/samples/dom/domcpp.cpp:453:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifs.open(ifile, std::ifstream::in);
data/gsoap-2.8.104/gsoap/samples/dom/domcpp.cpp:467:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofs.open(ofile, std::ofstream::out);
data/gsoap-2.8.104/gsoap/samples/factory/factory.cpp:226:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap.sendfd = open(file, O_CREAT|O_TRUNC|O_WRONLY, S_IREAD|S_IWRITE);
data/gsoap-2.8.104/gsoap/samples/factory/factory.cpp:250:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap.recvfd = open(file, O_RDONLY);
data/gsoap-2.8.104/gsoap/samples/factory/factory.cpp:298:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ m = soap_bind(&soap, NULL, atoi(argv[1]), 100); // use command line argument as port number
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:81:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:87:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "localhost:%d", port);
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:126:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:133:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
n = atoi(s)+1; // yes: increment int value as demo example session
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:136:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", n);
data/gsoap-2.8.104/gsoap/samples/lu/luserver.cpp:50:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ m = soap_bind(soap, argv[1], atoi(argv[2]), 100);
data/gsoap-2.8.104/gsoap/samples/magic/magic.cpp:57:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!s || (r = atoi(s)) == 0)
data/gsoap-2.8.104/gsoap/samples/magic/magic.cpp:61:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
r = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/magic/magicserver.cpp:86:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/magic/magicserver.cpp:284:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("magic.wsdl", "rb"); // open WSDL file to copy
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:139:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return run_server(atoi(argv[1]));
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:354:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file, "rb");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:469:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(file, "data");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:523:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle->fd = fopen(file, "wb");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:566:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(file, "wb");
data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c:54:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return run_serve(atoi(argv[1]));
data/gsoap-2.8.104/gsoap/samples/oneway++/handler.cpp:79:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/oneway/handler.c:89:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/router/router.c:264:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[SOAP_HDRLEN];
data/gsoap-2.8.104/gsoap/samples/router/router.c:339:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
{ client.recvfd = open(input_file, O_RDONLY);
data/gsoap-2.8.104/gsoap/samples/router/router.c:410:29: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_number = atol(arg);
data/gsoap-2.8.104/gsoap/samples/router/router.c:412:29: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_number = atol(argv[i]);
data/gsoap-2.8.104/gsoap/samples/router/router.c:456:32: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
server_timeout = atol(arg);
data/gsoap-2.8.104/gsoap/samples/router/router.c:458:32: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
server_timeout = atol(argv[i]);
data/gsoap-2.8.104/gsoap/samples/router/router.c:547:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap.recvfd = open(routing_file, O_RDONLY);
data/gsoap-2.8.104/gsoap/samples/router/router.c:572:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/samples/router/router.c:585:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
server->socket = server->fopen(server, endpoint, server->host, server->port);
data/gsoap-2.8.104/gsoap/samples/rss/rss.c:95:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ maxitems = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/rss/rss.c:117:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxitems = atoi(val);
data/gsoap-2.8.104/gsoap/samples/ssl/cacerts.c:118:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:593:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifs.open(ifile, std::ifstream::in);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:607:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofs.open(ofile, std::ofstream::out);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1366:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1415:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1808:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:2056:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h[2];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:2077:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[4];
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:3749:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8], *t = buf;
data/gsoap-2.8.104/gsoap/samples/udp/udpserver.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *received_id[MAX_HISTORY];
data/gsoap-2.8.104/gsoap/samples/udp/udpserver.c:124:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char port[16];
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/Http/calculator.cpp:49:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:55:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srv_subject[256], clt_subject[256];
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:56:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srv_issuer[256], clt_issuer[256];
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:82:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("serverWCF.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:98:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("servercertWCF.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:131:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("clientWCF.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:145:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("clientcertWCF.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:180:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:477:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hmac_key[16] = /* Dummy HMAC key for signature test */
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:480:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char des_key[20] = /* Dummy 160-bit triple DES key for encryption test */
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:579:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/TransportSecurity/calculator.cpp:60:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/wcf/WS/DualHttp/calculator.cpp:175:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:170:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap.recvfd = open(file, O_RDONLY);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:201:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap.sendfd = open(file, O_CREAT | O_RDWR, 0644);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:333:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:225:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *minutes[60] = {"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" };
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:226:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *hours[24] = {"00", "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23"};
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:287:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atol(options[OPTION_port].value);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:424:49: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
soap->send_timeout = soap->recv_timeout = atol(options[OPTION_t].value);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:426:30: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
soap->accept_timeout = atol(options[OPTION_s].value);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:436:19: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newpoolsize = atol(options[OPTION_o].value);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:832:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
record.SKU = atoi(soap->path + 13);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:992:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(name, "rb"); /* open file to copy */
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1027:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1076:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1212:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096]; /* a small buffer that is large enough to hold parts of HTML content */
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1385:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096]; /* buffer large enough to hold parts of HTML content */
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1386:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lab[40];
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096]; /* buffer large enough to hold HTML content */
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1413:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lab[40];
data/gsoap-2.8.104/gsoap/samples/wsa/wsademo.c:74:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:145:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hmac_key[16] = /* Dummy HMAC key for signature test */
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:152:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char des_key[20] = /* Dummy 160-bit triple DES key for encryption test */
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:156:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char aes_key[32] = /* Dummy 256-bit AES256 key for encryption test */
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:355:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("server.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:373:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen("servercert.pem", "r")))
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:398:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[2]);
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:456:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[80];
data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c:85:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[2]);
data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char endpoint[80];
data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c:129:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(endpoint, "http://localhost:%d", port);
data/gsoap-2.8.104/gsoap/samples/wsse/wsselite.c:131:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(endpoint, "http://");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:146:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[2]);
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:151:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[80];
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:232:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:239:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("servercert.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:362:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:388:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:395:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("servercert.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:584:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:144:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[2]);
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:150:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[80];
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:231:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:238:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("servercert.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:384:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("server.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:391:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("servercert.pem", "r");
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:576:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTimeServer.c:95:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-currentTimeServer.cpp:94:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.c:251:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.c:515:21: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wc[2];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.cpp:251:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json.cpp:515:21: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wc[2];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/jsoncpp.cpp:451:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifs.open(ifile, std::ifstream::in);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/jsoncpp.cpp:465:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofs.open(ofile, std::ofstream::out);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/jsoncpp.cpp:2349:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[2];
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc-currentTimeServer.cpp:67:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(argv[1]);
data/gsoap-2.8.104/gsoap/src/error2.c:53:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[2048]; /* to hold error messages */
data/gsoap-2.8.104/gsoap/src/lex.yy.c:741:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yytext[YYLMAX];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:806:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static struct importlist { struct importlist *next; char name[1]; } *importlist = NULL;
data/gsoap-2.8.104/gsoap/src/lex.yy.c:807:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *fnstk[MAX_IMPORT_DEPTH];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:809:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *imstk[MAX_IMPORT_DEPTH];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:1354:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char *s, *t, buf[1024];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:1377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char *s, buf[1024];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3303:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buf[1024];
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3324:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(yyin = fopen(file, "r")))
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3351:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
yyin = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirpath[1024]; /* directory path for generated source files */
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:380:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!(yyin = fopen(argv[i], "r")))
data/gsoap-2.8.104/gsoap/src/soapcpp2.h:242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* the actual string value flows into the allocated region id[0...] below this struct */
data/gsoap-2.8.104/gsoap/src/soapcpp2.h:489:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dirpath[1024];
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:1633:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:1822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2680:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "operator ");
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:4611:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errbuf, "char[" SOAP_LONG_FORMAT "] will be serialized as an array of " SOAP_LONG_FORMAT " bytes: use soapcpp2 option -b to enable char[] string serialization or use char* for strings", (yyvsp[-2].rec).val.i, (yyvsp[-2].rec).val.i);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6286:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(r, "Response");
data/gsoap-2.8.104/gsoap/src/symbol2.c:84:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapStub[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:85:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapH[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapC[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapClient[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServer[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:89:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapClientLib[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:90:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServerLib[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:91:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapReadme[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapProxyH[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:93:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapProxyC[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:94:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServiceH[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:95:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapServiceC[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:96:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapTester[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:97:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapMatlab[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:98:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char soapMatlabHdr[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:100:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapTester[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:101:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapStub[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:102:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapH[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:103:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapC[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:104:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapClient[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:105:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServer[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:106:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapClientLib[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:107:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServerLib[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:108:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapReadme[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:109:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapProxyH[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:110:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapProxyC[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:111:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServiceH[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:112:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapServiceC[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:113:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapMatlab[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:114:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathsoapMatlabHdr[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:433:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:853:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:878:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:907:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapMatlab, "Matlab.c");
data/gsoap-2.8.104/gsoap/src/symbol2.c:912:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapMatlabHdr, "Matlab.h");
data/gsoap-2.8.104/gsoap/src/symbol2.c:917:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapStub, "Stub.h");
data/gsoap-2.8.104/gsoap/src/symbol2.c:921:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapH, "H.h");
data/gsoap-2.8.104/gsoap/src/symbol2.c:926:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapC, "C_nnn");
data/gsoap-2.8.104/gsoap/src/symbol2.c:933:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapClient, "Client");
data/gsoap-2.8.104/gsoap/src/symbol2.c:938:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapServer, "Server");
data/gsoap-2.8.104/gsoap/src/symbol2.c:943:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapClientLib, "ClientLib");
data/gsoap-2.8.104/gsoap/src/symbol2.c:948:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapServerLib, "ServerLib");
data/gsoap-2.8.104/gsoap/src/symbol2.c:953:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapReadme, "Readme.md");
data/gsoap-2.8.104/gsoap/src/symbol2.c:960:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fmatlab = fopen(pathsoapMatlab, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:966:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fmheader = fopen(pathsoapMatlabHdr, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:976:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
freport = fopen(pathsoapReadme, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:982:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fheader = fopen(pathsoapStub, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1000:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fhead = fopen(pathsoapH, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1036:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fclient = fopen(pathsoapClient, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1051:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flib = fopen(pathsoapClientLib, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1077:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fserver = fopen(pathsoapServer, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1092:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flib = fopen(pathsoapServerLib, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1147:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t-3, "%03d", filenum);
data/gsoap-2.8.104/gsoap/src/symbol2.c:1157:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(pathsoapC, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:1634:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:3168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:3213:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "xsd");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3217:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "xsi");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3221:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "SOAP-ENC");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3225:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->name, "SOAP-ENV");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:3325:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3349:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapProxyH, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3359:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapProxyC, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3375:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapServiceH, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3385:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapServiceC, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3400:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3413:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3426:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3439:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3471:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3529:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, "Tester");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3531:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, ".c");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3533:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(soapTester, ".cpp");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3537:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(pathsoapTester, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3634:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3657:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:4493:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:4518:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", e->info.val.r);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4569:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmin * (1 + (p->incmin == False)/1000));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4571:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmax * (1 - (p->incmax == False)/1000));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4573:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmin * (1 - (p->incmin == False)/1000));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4575:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.17lG", p->rmax * (1 + (p->incmax == False)/1000));
data/gsoap-2.8.104/gsoap/src/symbol2.c:4599:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/gsoap-2.8.104/gsoap/src/symbol2.c:4983:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[4];
data/gsoap-2.8.104/gsoap/src/symbol2.c:8837:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/gsoap-2.8.104/gsoap/src/symbol2.c:9659:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:10203:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:10473:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1024];
data/gsoap-2.8.104/gsoap/src/symbol2.c:10477:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "REST.");
data/gsoap-2.8.104/gsoap/src/symbol2.c:10493:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, ".req.xml");
data/gsoap-2.8.104/gsoap/src/symbol2.c:10498:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, ".res.xml");
data/gsoap-2.8.104/gsoap/src/symbol2.c:10502:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(tmp, "w");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11374:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t + (s - p->id->name) + 2, "make_shared");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11722:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "(*a->");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11724:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "a->");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11728:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "::");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11877:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_TYPE_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11884:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_TYPE_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11899:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_UNION_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11906:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SOAP_UNION_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11992:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "PointerTo");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12007:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "TemplateOf");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12108:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/src/symbol2.c:12119:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/src/symbol2.c:12149:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/src/symbol2.c:12160:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[5];
data/gsoap-2.8.104/gsoap/src/symbol2.c:12589:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(t, "ArrayOf");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12594:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "ArrayOf");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12599:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t+strlen(t), "%dD", d);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12829:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "struct ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12837:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "union ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12845:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "enum ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12873:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "void");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12875:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12887:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "> ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12899:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/gsoap-2.8.104/gsoap/src/symbol2.c:12902:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "mutable ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12904:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "inline ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12906:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "friend ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12908:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "virtual ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12910:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "typedef ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12912:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "explicit ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12914:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "static ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12916:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "register ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12918:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "auto ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12920:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "const ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12922:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "const ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12945:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[8196];
data/gsoap-2.8.104/gsoap/src/symbol2.c:13022:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempBuf[10];
data/gsoap-2.8.104/gsoap/src/symbol2.c:13034:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "void ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13039:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "char ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13044:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "wchar_t ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13049:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "short ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13054:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "int ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13059:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "long ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13064:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "LONG64 ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13069:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "float ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13074:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "double ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13079:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "long double ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13084:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned char ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13089:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned short ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13094:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned int ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13099:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "unsigned long ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13104:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "ULONG64 ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13109:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "size_t ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13114:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "time_t ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13120:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "struct ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13135:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "union ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13144:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "bool ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13150:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "enum ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13189:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempBuf, "[%d]", (typ->width / ((Tnode*) typ->ref)->width));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13213:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "void");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13215:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13226:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, "> ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13293:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13336:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ", ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:21490:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "\\%03o", (unsigned int)(unsigned char)*s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:21526:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "&#%.2x;", (unsigned char)*s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:21531:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "<");
data/gsoap-2.8.104/gsoap/src/symbol2.c:21536:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, ">");
data/gsoap-2.8.104/gsoap/src/symbol2.c:21541:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "&");
data/gsoap-2.8.104/gsoap/src/symbol2.c:21546:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, """);
data/gsoap-2.8.104/gsoap/src/symbol2.c:21551:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "\\\\");
data/gsoap-2.8.104/gsoap/stdsoap2.c:325:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env1[42] = "http://schemas.xmlsoap.org/soap/envelope/";
data/gsoap-2.8.104/gsoap/stdsoap2.c:326:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc1[42] = "http://schemas.xmlsoap.org/soap/encoding/";
data/gsoap-2.8.104/gsoap/stdsoap2.c:327:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env2[40] = "http://www.w3.org/2003/05/soap-envelope";
data/gsoap-2.8.104/gsoap/stdsoap2.c:328:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc2[40] = "http://www.w3.org/2003/05/soap-encoding";
data/gsoap-2.8.104/gsoap/stdsoap2.c:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_rpc[35] = "http://www.w3.org/2003/05/soap-rpc";
data/gsoap-2.8.104/gsoap/stdsoap2.c:332:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64o[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
data/gsoap-2.8.104/gsoap/stdsoap2.c:333:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64i[81] = "\76XXX\77\64\65\66\67\70\71\72\73\74\75XXXXXXX\00\01\02\03\04\05\06\07\10\11\12\13\14\15\16\17\20\21\22\23\24\25\26\27\30\31XXXXXX\32\33\34\35\36\37\40\41\42\43\44\45\46\47\50\51\52\53\54\55\56\57\60\61\62\63";
data/gsoap-2.8.104/gsoap/stdsoap2.c:336:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_indent[21] = "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t";
data/gsoap-2.8.104/gsoap/stdsoap2.c:346:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_padding[4] = "\0\0\0";
data/gsoap-2.8.104/gsoap/stdsoap2.c:930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[24];
data/gsoap-2.8.104/gsoap/stdsoap2.c:1431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[17];
data/gsoap-2.8.104/gsoap/stdsoap2.c:1604:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.c:1895:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/gsoap-2.8.104/gsoap/stdsoap2.c:2085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/gsoap-2.8.104/gsoap/stdsoap2.c:2159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[24];
data/gsoap-2.8.104/gsoap/stdsoap2.c:2305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[2 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/stdsoap2.c:2471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[4 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/stdsoap2.c:3977:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dparams_buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.c:3978:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(dhfile, "r");
data/gsoap-2.8.104/gsoap/stdsoap2.c:4147:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.c:4516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priority[80];
data/gsoap-2.8.104/gsoap/stdsoap2.c:4688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.c:7065:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[16];
data/gsoap-2.8.104/gsoap/stdsoap2.c:7503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[SOAP_HDRLEN], *s;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char http[32];
data/gsoap-2.8.104/gsoap/stdsoap2.c:8897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/stdsoap2.c:8995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/stdsoap2.c:9136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/stdsoap2.c:9255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[3];
data/gsoap-2.8.104/gsoap/stdsoap2.c:9435:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[4096], val[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/stdsoap2.c:11604:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->fdebug[i] = fopen(soap->logfile[i], i < 2 ? "ab" : "a");
data/gsoap-2.8.104/gsoap/stdsoap2.c:14230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/stdsoap2.c:15156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX > 8 ? MB_LEN_MAX : 8];
data/gsoap-2.8.104/gsoap/stdsoap2.c:15158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/stdsoap2.c:19195:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.c:19386:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.c:21389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[sizeof(soap->host)];
data/gsoap-2.8.104/gsoap/stdsoap2.c:21409:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (soap->fopen && *soap->host)
data/gsoap-2.8.104/gsoap/stdsoap2.c:21429:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->socket = soap->fopen(soap, endpoint, soap->host, soap->port);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:325:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env1[42] = "http://schemas.xmlsoap.org/soap/envelope/";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:326:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc1[42] = "http://schemas.xmlsoap.org/soap/encoding/";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:327:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_env2[40] = "http://www.w3.org/2003/05/soap-envelope";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:328:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_enc2[40] = "http://www.w3.org/2003/05/soap-encoding";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_rpc[35] = "http://www.w3.org/2003/05/soap-rpc";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:332:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64o[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:333:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char soap_base64i[81] = "\76XXX\77\64\65\66\67\70\71\72\73\74\75XXXXXXX\00\01\02\03\04\05\06\07\10\11\12\13\14\15\16\17\20\21\22\23\24\25\26\27\30\31XXXXXX\32\33\34\35\36\37\40\41\42\43\44\45\46\47\50\51\52\53\54\55\56\57\60\61\62\63";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:336:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_indent[21] = "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:346:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char soap_padding[4] = "\0\0\0";
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[24];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1431:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[17];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1604:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1895:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:2085:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:2159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[24];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:2305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[2 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:2471:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[4 * SOAP_BINARY_BUFLEN], *p = d;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3977:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dparams_buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3978:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen(dhfile, "r");
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4147:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priority[80];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7065:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[16];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[SOAP_HDRLEN], *s;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char http[32];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8897:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, tmp[4096];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *t, tmp[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[3];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9435:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[4096], val[4096]; /* cookie size is up to 4096 bytes [RFC2109] */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:11604:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->fdebug[i] = fopen(soap->logfile[i], i < 2 ? "ab" : "a");
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX > 8 ? MB_LEN_MAX : 8];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19195:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19386:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[12];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[sizeof(soap->host)];
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21409:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (soap->fopen && *soap->host)
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21429:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->socket = soap->fopen(soap, endpoint, soap->host, soap->port);
data/gsoap-2.8.104/gsoap/stdsoap2.h:1513:77: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define soap_memcpy(buf, len, src, num) ((size_t)(len) >= (size_t)(num) ? !memcpy((buf), (src), (num)) : SOAP_ERANGE)
data/gsoap-2.8.104/gsoap/stdsoap2.h:2015:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual string value flows into the allocated region id[0...] below this struct */
data/gsoap-2.8.104/gsoap/stdsoap2.h:2086:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* the actual name string flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/stdsoap2.h:2748:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SOAP_SOCKET (*fopen)(struct soap*, const char*, const char*, int);
data/gsoap-2.8.104/gsoap/stdsoap2.h:2819:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SOAP_BUFLEN];/* send and receive buffer */
data/gsoap-2.8.104/gsoap/stdsoap2.h:2820:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers and short messages, must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/stdsoap2.h:2821:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[SOAP_TMPLEN]; /* in/out buffer for HTTP/MIME headers, simpleType values, element and attribute tag names, and DIME must be >=1024 bytes */
data/gsoap-2.8.104/gsoap/stdsoap2.h:2822:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2824:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char href[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2825:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2826:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayType[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2827:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraySize[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2828:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrayOffset[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2845:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char endpoint[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2846:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2847:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2885:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *logfile[SOAP_MAXLOGS];
data/gsoap-2.8.104/gsoap/stdsoap2.h:2956:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_host[SOAP_TAGLEN];
data/gsoap-2.8.104/gsoap/stdsoap2.h:3024:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[1]; /* the actual id string value flows into the allocated region below this struct */
data/gsoap-2.8.104/gsoap/wsdl/includes.h:134:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *infile[MAXINFILES], *outfile, *proxy_host, *proxy_userid, *proxy_passwd, *auth_userid, *auth_passwd;
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:479:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(loc, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:501:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:517:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:532:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4362:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], xsd[4096], def[4096], use[4096], ptr[4096], uri[4096];
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:183:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:187:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(buf, "r");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:225:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(outfile, "w");
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:733:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *t;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1815:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[16];
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:271:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(loc, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:293:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:309:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:324:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
soap->recvfd = open(location, O_RDONLY, 0);
data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *infile[MAXINFILES],
data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp:632:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(outfile, "w");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:799:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(yyin); \
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:937:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:1380:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(buf, s + 1, sizeof(buf));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2130:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,strlen(yystr) );
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2514:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(yylval.s, yytext, strlen(yytext)-1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2514:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(yylval.s, yytext, strlen(yytext)-1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2515:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
yylval.s[strlen(yytext)-1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2610:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2626:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2647:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2655:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(sp->URL) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2655:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(sp->URL) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2657:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2736:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2756:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2776:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2799:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2823:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2843:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2863:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2883:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2903:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2921:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2939:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2957:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2975:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:2993:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3011:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3029:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3050:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3165:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext + i, j - i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3258:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+15);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3268:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3275:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3284:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 4)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3287:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(name); i++)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3334:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, s, t - s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3342:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3345:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ":");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/lex.soapcpp2_lex.c:3366:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (struct importlist*)emalloc(sizeof(struct importlist) + strlen(file)); /* has already + 1 byte size */
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:152:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*dirpath && dirpath[strlen(dirpath)-1] != '/' && dirpath[strlen(dirpath)-1] != '\\')
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:152:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*dirpath && dirpath[strlen(dirpath)-1] != '/' && dirpath[strlen(dirpath)-1] != '\\')
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:259:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(importpath) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:259:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(importpath) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:396:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(importpath) + strlen(defimportpath) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2.c:396:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(importpath) + strlen(defimportpath) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:1530:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2679:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(s1) + strlen(s2) + 10);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2679:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(s1) + strlen(s2) + 10);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2726:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen((yyvsp[0].sym)->name) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2730:31: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, (yyvsp[0].sym)->name, s2 - (yyvsp[0].sym)->name + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2731:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "~");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:2736:31: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "~");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:5948:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t->width / ((Tnode*)t->ref)->width - 1 < (int)strlen(n->val.s))
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/soapcpp2_yacc.tab.c:6283:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t i = 0, j, n = strlen(fun->sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:388:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Symbol *p = (Symbol*)emalloc(sizeof(Symbol)+strlen(name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:533:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(sym->name) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:535:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:649:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(t, sym->name, s - sym->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:928:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(soapC, "C");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3178:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)(strlen(s) - 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3188:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, s, i);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3275:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(tmpURI) + strlen(ns->name) + 6);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3275:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(tmpURI) + strlen(ns->name) + 6);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:3457:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ".");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4456:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4480:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4537:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-12)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4563:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "0");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4577:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "0");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:4648:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-12)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:5938:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(sp->protocol) > 6)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:5965:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(m->part) > 6)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:7978:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(sp->protocol) > 6)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:8003:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(m->part) > 6)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:10845:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11373:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(t, p->id->name, s - p->id->name + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11411:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11425:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11645:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11646:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(t) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11669:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11671:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (m = strlen(t) - 1; m && t[m] == '_'; m--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11695:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(ns)) < strlen(s))
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11695:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(ns)) < strlen(s))
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11720:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = emalloc(2*strlen(name) + 2*(t ? strlen(type) + 2 : 0) + 20);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11720:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = emalloc(2*strlen(name) + 2*(t ? strlen(type) + 2 : 0) + 20);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11732:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11836:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r, s, t - s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11876:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(namespaceid) + 12);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11876:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(namespaceid) + 12);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11879:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11883:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + 11);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11898:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11898:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11898:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11901:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11905:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + 13);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11905:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + 13);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11909:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11991:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((10+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:11996:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((16+strlen(c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12005:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((11+strlen(res_remove(typ->id->name))+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12005:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((11+strlen(res_remove(typ->id->name))+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12084:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(tag); n > 0; n--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12109:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12120:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12150:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12161:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12185:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(tag) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12264:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(r) + 3);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12265:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12267:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12279:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(r) + 3);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12280:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12282:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "\"");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12307:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(n) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12307:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(n) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12309:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12320:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (r = s+strlen(s)-1; r > s; r--)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12349:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12351:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(n + strlen(suffix) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12365:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12374:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(tag) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12433:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tag && type && !strncmp(tag, type, n = strlen(type)) && strlen(tag) > n + 2 && tag[n] == '_' && tag[n + 1] == '_')
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12433:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tag && type && !strncmp(tag, type, n = strlen(type)) && strlen(tag) > n + 2 && tag[n] == '_' && tag[n + 1] == '_')
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12586:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+strlen(ns_convert(ns))+13);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12586:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+strlen(ns_convert(ns))+13);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12588:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12593:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+12);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12599:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(t+strlen(t), "%dD", d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12677:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(c_ident(typ))+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12677:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(c_ident(typ))+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12679:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12697:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(typ->id->name)+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12697:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(typ->id->name)+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12699:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12828:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12836:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12844:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((6+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12861:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "(");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12878:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ")");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12883:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref)) + strlen(r = ident(typ->id->name)) + 4) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12883:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref)) + strlen(r = ident(typ->id->name)) + 4) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12885:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "<");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12992:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (is_stdstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-6)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12994:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (is_stdwstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-7)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12996:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (is_wstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-17)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:12998:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-13)
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13033:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13038:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13043:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(9+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13048:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(7+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13053:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(5+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13058:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13063:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13068:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(7+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13073:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13078:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(13+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13083:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(15+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13088:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(16+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13093:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(14+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13098:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(15+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13103:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(9+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13108:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13113:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13119:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((9+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13119:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((9+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13122:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13127:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((2+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13127:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((2+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13129:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13134:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13134:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13137:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13143:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(id)+6)* sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13149:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13149:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13152:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13157:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13157:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13159:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13163:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13168:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13173:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+3);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13182:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((12+strlen(q = c_type_id((Tnode*)typ->ref, id))) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13203:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "(");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13217:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ")");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13222:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13222:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13222:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13224:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "<");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13252:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = (char*)emalloc(strlen(synonym) + strlen(id) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13252:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = (char*)emalloc(strlen(synonym) + strlen(id) + 2);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13254:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13287:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(s)+cardinality+3);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13291:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "[");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13294:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "]");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13330:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(s)+cardinality*2+1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13334:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "[");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:13337:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "]");
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17004:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(d * (strlen(a) + 16) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17008:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17048:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(ident(typ->id->name));
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17647:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(type) + strlen(name) + 6);
data/gsoap-2.8.104/gsoap/VisualStudio2005/soapcpp2/soapcpp2/symbol2.c:17647:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(type) + strlen(name) + 6);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:112:3: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(cwd, loc, relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:407:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int xs__schema::read(const char *cwd, const char *loc, const char *relloc)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:455:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:455:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:461:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:484:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:484:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:495:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:508:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:508:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:511:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:523:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:523:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:526:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:559:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, soap->endpoint, NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:578:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, loc, NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:706:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = n + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:837:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
schemaRef->read(schema.sourceLocation(), schemaLocation, relative_schemaLocation);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.cpp:1336:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
schemaRef->read(schema.sourceLocation(), schemaLocation, relative_schemaLocation);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/schema.h:611:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char*, const char*, const char*);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:110:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((*binding).wsoap__version && strlen((*binding).wsoap__version) > 2)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:125:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen((*binding).portTypePtr()->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:136:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:137:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/"))))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:327:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:327:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:332:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:450:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:451:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/")))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:517:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:517:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:517:107: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:640:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:651:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:651:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:651:111: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:689:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->output->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:787:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:787:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:792:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:886:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:887:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/")))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:955:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:955:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:955:107: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1015:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->output->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1305:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(ext_fault.wsoap__code);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1307:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(ext_fault.wsoap__subcodes);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1366:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1406:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1426:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1647:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + strlen(fullpath) + 2;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1647:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + strlen(fullpath) + 2;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:1752:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(*u);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4279:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(uri) + 2*n;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/service.cpp:4306:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(*u);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:932:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DBGMSG(SENT, t, strlen(t));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:933:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->error = soap->fsend(soap, t, strlen(t));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:953:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return soap_send_raw(soap, s, strlen(s));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1044:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1063:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1138:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (size_t)soap->is->read(s, (std::streamsize)n).gcount(); /* downcast to std::streamsize is OK: gcount() returns how much we got in s[] */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->is);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1311:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(soap->recvfd, s, n);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:1822:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(p->string);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:2794:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3388:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0] + offset[0]);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3391:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3397:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0]);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3400:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3422:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->arrayOffset);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3461:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(attr);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3541:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:3542:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4018:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SSL_CTX_set_session_id_context(soap->ctx, (unsigned char*)sid, (unsigned int)strlen(sid));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4210:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(msg) + 1), "%s\n", msg);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4216:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4218:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4227:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s)), "%s", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4233:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4242:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s) + 42), "Error observed by underlying SSL/TLS BIO: %s", s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:4674:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int)strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:6443:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:6543:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7571:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7623:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(soap->endpoint);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7706:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:7813:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8065:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8065:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8146:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->bearer);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8155:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->ntlm_challenge);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8179:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8179:91: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8180:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8188:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8188:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8189:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8209:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(action) + 2), "\"%s\"", action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8229:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8286:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(http, sizeof(http), strlen(soap->http_version) + 5), "HTTP/%s", soap->http_version);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8314:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), sizeof(http) + 22 + strlen(line)), "%s %d %s", http, code, line);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8321:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF_SAFE(soap->tmpbuf, sizeof(soap->tmpbuf)), "Basic realm=\"%s\"", (soap->authrealm && strlen(soap->authrealm) + 14 < sizeof(soap->tmpbuf)) ? soap->authrealm : "gSOAP Web Service");
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8480:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8490:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t m = t ? strlen(t) : 0;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8491:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove(r + m - 1, soap->msgbuf + sizeof(soap->msgbuf) - (r + n + 1), r + k + 1, strlen(r + k + 1) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8500:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int m = (int)strlen(soap->msgbuf); /* msgbuf length is max SOAP_TMPLEN or just 1024 bytes */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8558:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = 3 * (int)strlen(s) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8608:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!path || (path && p->path && !strncmp(p->path, path, strlen(p->path)))))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8638:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8685:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8702:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(domain) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8711:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!path || strncmp(path, q->path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8719:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8755:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(q->name, name) && (!q->domain || !strcmp(q->domain, domain)) && (!q->path || !strncmp(q->path, path, strlen(q->path))))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8912:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3968 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8917:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8920:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3976 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8929:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8939:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8944:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:8974:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9035:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9048:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(hostent.h_name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9058:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!q->path || !strncmp(q->path, path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9066:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9068:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->value) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9070:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->path) + 9;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->domain) + 11;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9093:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9095:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->name && (s-tmp) + strlen(q->name) + (size_t)15 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9099:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->value && *q->value && (s-tmp) + strlen(q->value) + (size_t)16 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9104:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->path && (s-tmp) + strlen(q->path) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9107:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9109:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->domain && (s-tmp) + strlen(q->domain) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9112:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9189:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9216:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9231:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9253:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!p->expire && strlen(tmp) >= 23)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9348:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9358:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9380:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->path) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9468:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->name) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9486:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->domain) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:9495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->path) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:10238:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->dime_id_format) + 20), soap->dime_id_format, id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:10274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(aid) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:10373:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:11650:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(logfile) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:11943:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_nlist) + strlen(nq->id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:11986:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_attribute) + strlen(tq->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12614:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(little);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12680:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12682:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12721:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12911:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(ns->id) + 6), "xmlns:%s", ns->id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:12957:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:13027:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:13051:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:13358:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->tmpbuf[strlen(soap->tmpbuf) - 1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:13401:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14145:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (value && tp->value && tp->size <= strlen(value))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14156:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14643:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:14713:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(soap->labbuf) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15176:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15184:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15200:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (int)strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15906:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15911:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:15919:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17420:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17471:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17560:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17626:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(q);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17636:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17830:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:17934:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (soap_append_lab(soap, NULL, sizeof(wchar_t) * (strlen(s) + 1)))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19101:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->id)+3)&(~3));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19103:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->type)+3)&(~3));
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19120:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 16 + strlen(content->type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19124:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 29 + strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 14 + strlen(content->id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19130:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 20 + strlen(content->location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19133:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 23 + strlen(content->description);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(option);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19202:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idlen = strlen(soap->dime.id);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19208:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
typelen = strlen(soap->dime.type);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19587:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = soap->msgbuf + strlen(soap->msgbuf) - 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:19919:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), prefix ? strlen(prefix) + 37 : 37), "%s%8.8x-%4.4hx-4%3.3hx-%4.4hx-%4.4hx%8.8x", prefix ? prefix : SOAP_STR_EOS, r1, (short)(r2 >> 16), (short)(((short)r2 >> 4) & 0x0FFF), (short)(((short)(r3 >> 16) & 0x3FFF) | 0x8000), (short)r3, r4);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20132:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20179:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->id, sizeof(soap->id), strlen(soap->dime_id_format) + 20), soap->dime_id_format, 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20192:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20293:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20328:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:20913:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(prefix);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21168:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = r + strlen(r) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21178:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(endpoints);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21362:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = endpoints + strlen(endpoints);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21636:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (strlen(s) + 3) / 4 * 3 + 1; /* space for raw binary and \0 */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21753:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s) / 2 + 1; /* make sure enough space for \0 */
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21820:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->mime.boundary) + 53), "multipart/related; charset=utf-8; boundary=\"%s\"; type=\"", soap->mime.boundary);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21825:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21826:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21831:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21832:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(soap->mime.start) + 10), "\"; start=\"%s", soap->mime.start);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21836:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21837:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(r) + 15), "\"; start-info=\"%s", r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21839:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21849:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21850:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(soap->action);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21943:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21943:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21943:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21945:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:21945:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22014:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 65), "The data in element '%s' must be understood but cannot be processed", soap->tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22032:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 66), "Method '%s' not implemented: method name or namespace not recognized", soap->tag);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22130:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), (soap->d_stream && soap->d_stream->msg ? strlen(soap->d_stream->msg) : 0) + 19), "Zlib/gzip error: '%s'", soap->d_stream && soap->d_stream->msg ? soap->d_stream->msg : SOAP_STR_EOS);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22171:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->msgbuf) + 25 < sizeof(soap->msgbuf))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22173:110: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove((void*)(soap->msgbuf + 25), sizeof(soap->tmpbuf) - 25, (const void*)soap->msgbuf, strlen(soap->msgbuf) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22198:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(t) + 54), "Error %d: HTTP %d %s", soap->error, soap->error, t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22537:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22542:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22547:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22757:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22757:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22757:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.cpp:22757:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1483:44: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strcpy(buf, len, src) (void)(strncpy((buf), (src), (len)), (buf)[(len) - 1] = '\0')
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1499:95: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strncpy(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > (size_t)(num) ? (strncpy((buf), (src), (num)), (buf)[(size_t)(num)] = '\0') : ((buf)[0] = '\0', 1)))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/stdsoap2.h:1504:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define soap_strncat(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > strlen((buf)) + (size_t)(num) ? strncat_s((buf), (len), (src), (num)) : 1))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:175:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int Types::read(const char *file)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:186:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, sizeof(buf), strlen(import_path) + strlen(file) + 1), "%s/%s", import_path, file);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:186:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, sizeof(buf), strlen(import_path) + strlen(file) + 1), "%s/%s", import_path, file);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:266:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t) + strlen(def);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:266:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t) + strlen(def);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:316:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri[strlen(uri) - 1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:321:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri[strlen(uri) - 1] = '\0';
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:418:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap_context) + 67;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:622:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(mapfile))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:655:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:667:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:801:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(prefix + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:885:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:891:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:945:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:995:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1010:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1048:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1049:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1083:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1170:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1171:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(r);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1181:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1238:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1240:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1246:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1273:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1281:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1301:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1303:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1309:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1338:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(type) + strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1338:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(type) + strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1829:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(format);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:1836:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(format);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:3227:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4180:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4263:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t w = strlen((*i1)->name) + 3;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4601:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4606:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4608:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4880:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*s || strlen(s) > 20)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4903:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*s || strlen(s) > 20)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4983:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.cpp:4991:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(s) + 1);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/types.h:76:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char *file);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wadl.cpp:498:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = s ? s - t : strlen(t);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:46:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:68:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*i) == n && !strncmp(QName + 1, *i, n))
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:78:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI) + strlen(name) + 3;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:78:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI) + strlen(name) + 3;
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:164:3: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(cwd, loc, relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:181:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int wsdl__definitions::read(int num, char **loc)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:184:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(NULL, NULL, NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:186:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(NULL, loc[0], NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:199:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int wsdl__definitions::read(const char *cwd, const char *loc, const char *relloc)
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:247:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:247:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:253:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:276:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:276:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:287:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:300:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:300:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:303:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:315:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:315:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:318:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:399:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, soap->endpoint, NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:418:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, loc, NULL);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:693:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = n + strlen(loc);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.cpp:2128:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
definitionsRef->read(source, location, relative_location);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.h:402:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(int, char**);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl.h:403:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char*, const char*, const char*);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp:175:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
definitions.read(infiles, infile);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp:415:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(proxy_host);
data/gsoap-2.8.104/gsoap/VisualStudio2005/wsdl2h/wsdl2h/wsdl2h.cpp:623:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(infile[0]);
data/gsoap-2.8.104/gsoap/custom/chrono_duration.cpp:106:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/custom/duration.c:95:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/custom/int128.c:129:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/custom/int128.c:136:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/custom/qstring.cpp:136:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*a = QString::fromUtf8(s, (int)strlen(s));
data/gsoap-2.8.104/gsoap/custom/qstring.cpp:138:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*a = QString::fromLatin1(s, (int)strlen(s));
data/gsoap-2.8.104/gsoap/custom/struct_timeval.c:78:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/dom.c:245:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.c:245:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.c:257:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p->ns && soap_push_prefix(soap, p->id, strlen(p->id), p->ns, 1, 0) == NULL)
data/gsoap-2.8.104/gsoap/dom.c:286:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.c:286:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.c:340:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(prefix) + strlen(t);
data/gsoap-2.8.104/gsoap/dom.c:340:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(prefix) + strlen(t);
data/gsoap-2.8.104/gsoap/dom.c:502:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(tag);
data/gsoap-2.8.104/gsoap/dom.c:502:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(tag);
data/gsoap-2.8.104/gsoap/dom.c:1041:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/dom.cpp:245:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.cpp:245:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.cpp:257:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p->ns && soap_push_prefix(soap, p->id, strlen(p->id), p->ns, 1, 0) == NULL)
data/gsoap-2.8.104/gsoap/dom.cpp:286:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.cpp:286:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(name);
data/gsoap-2.8.104/gsoap/dom.cpp:340:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(prefix) + strlen(t);
data/gsoap-2.8.104/gsoap/dom.cpp:340:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(prefix) + strlen(t);
data/gsoap-2.8.104/gsoap/dom.cpp:502:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(tag);
data/gsoap-2.8.104/gsoap/dom.cpp:502:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix) + strlen(tag);
data/gsoap-2.8.104/gsoap/dom.cpp:1041:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/plugin/curlapi.c:524:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->action) + 14), "SOAPAction: \"%s\"", soap->action);
data/gsoap-2.8.104/gsoap/plugin/curlapi.c:580:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->proxy_host) + 8 + 8), "http://%s:%d", soap->proxy_host,soap->proxy_port);
data/gsoap-2.8.104/gsoap/plugin/curlapi.c:584:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len_proxy_userid = strlen(soap->proxy_userid);
data/gsoap-2.8.104/gsoap/plugin/curlapi.c:585:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len_proxy_passwd = soap->proxy_passwd ? strlen(soap->proxy_passwd) : 0;
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:96: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:139: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:153: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:170: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:805:187: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(qop) + strlen(ncount) + strlen(cnonce) + strlen(response) + 83), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", qop=\"%s\", nc=%s, cnonce=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, qop, ncount, cnonce, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:96: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:139: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:156: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:809:173: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(userid) + strlen(data->nonce) + strlen(soap->path) + strlen(ncount) + strlen(cnonce) + strlen(response) + 59), "Digest algorithm=%s, realm=\"%s\", username=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"", data->alg ? data->alg : "MD5", soap->authrealm, userid, data->nonce, soap->path, response);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:814:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:815:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(data->opaque) + 11), ", opaque=\"%s\"", data->opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:837:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=%s, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", alg, soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:837:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=%s, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", alg, soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:837:100: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=%s, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", alg, soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:842:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=MD5, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:842:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=MD5, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:842:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->authrealm) + strlen(nonce) + strlen(opaque) + 59), "Digest algorithm=MD5, realm=\"%s\", qop=\"auth,auth-int\", nonce=\"%s\", opaque=\"%s\"", soap->authrealm, nonce, opaque);
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1571:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, userid, strlen(userid))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1573:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, realm, strlen(realm))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1575:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, passwd, strlen(passwd))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1588:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, nonce, strlen(nonce)))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1593:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, cnonce, strlen(cnonce))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1619:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, method, strlen(method))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1621:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, uri, strlen(uri)))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1643:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, nonce, strlen(nonce)))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1650:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, ncount, strlen(ncount))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1652:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, cnonce, strlen(cnonce))
data/gsoap-2.8.104/gsoap/plugin/httpda.c:1654:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| soap_smd_update(soap, smd_data, qop, strlen(qop)))
data/gsoap-2.8.104/gsoap/plugin/sessions.c:1481:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/plugin/sessions.c:1486:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(value);
data/gsoap-2.8.104/gsoap/plugin/sessions.c:1505:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(value);
data/gsoap-2.8.104/gsoap/plugin/wsddapi.c:1723:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(delay);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1606:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(id);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1619:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(to);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1631:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(wsa_id);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1651:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(res.Identifier);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1670:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(res.Accept->AcksTo.Address);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:1865:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->endpoint);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:2685:11: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(r3);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:2749:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(replyTo);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:2971:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(replyTo);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:2984:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(req->AcksTo.Address);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3014:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(req->Offer->Identifier);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3053:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->action);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3106:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(res->Identifier);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3126:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(res->Accept->AcksTo.Address);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3219:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->action);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:3359:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->action);
data/gsoap-2.8.104/gsoap/plugin/wsrmapi.c:4667:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap_wsrm_idname);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:516:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(token->Password->__item) == 28) /* digest pw len = 28 */
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:816:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(id);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1202:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1397:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1883:160: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
security->xenc__EncryptedKey->ds__KeyInfo->wsse__SecurityTokenReference->KeyIdentifier->__item = soap_s2base64(soap, (unsigned char*)subjectkeyid, NULL, strlen(subjectkeyid));
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:1935:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2365:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t l = strlen(nonce);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2433:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, created, strlen(created));
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:2434:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, password, strlen(password));
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:3009:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:3424:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(Id);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:3440:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(Id);
data/gsoap-2.8.104/gsoap/plugin/wsse2api.c:3504:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:2928:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(token->Password->__item) == 28) /* digest pw len = 28 */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3287:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3438:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(ns->id) + 1;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3445:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:3947:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4239:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4897:160: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
security->xenc__EncryptedKey->ds__KeyInfo->wsse__SecurityTokenReference->KeyIdentifier->__item = soap_s2base64(soap, (unsigned char*)subjectkeyid, NULL, strlen(subjectkeyid));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:4959:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5114:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(keyname) + strlen(t) + 2;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5114:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(keyname) + strlen(t) + 2;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5871:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(nonce);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5946:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, created, strlen(created));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:5947:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, password, strlen(password));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6332:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefixlist);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:6842:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:7338:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(Id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.c:7448:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:2928:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(token->Password->__item) == 28) /* digest pw len = 28 */
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3287:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3438:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(ns->id) + 1;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3445:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:3947:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4239:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4897:160: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
security->xenc__EncryptedKey->ds__KeyInfo->wsse__SecurityTokenReference->KeyIdentifier->__item = soap_s2base64(soap, (unsigned char*)subjectkeyid, NULL, strlen(subjectkeyid));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:4959:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5114:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(keyname) + strlen(t) + 2;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5114:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(keyname) + strlen(t) + 2;
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5871:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(nonce);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5946:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, created, strlen(created));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:5947:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_smd_update(soap, &context, password, strlen(password));
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6332:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefixlist);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:6842:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tags);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:7338:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(Id);
data/gsoap-2.8.104/gsoap/plugin/wsseapi.cpp:7448:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->id);
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.c:84:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.c:103:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.c:116:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.cpp:84:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.cpp:103:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncrest.cpp:116:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.c:79:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.c:92:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.cpp:79:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/async/asyncsoap.cpp:92:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000); /* sleep 10ms */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:932:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DBGMSG(SENT, t, strlen(t));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:933:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->error = soap->fsend(soap, t, strlen(t));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:953:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return soap_send_raw(soap, s, strlen(s));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1044:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1063:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1138:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (size_t)soap->is->read(s, (std::streamsize)n).gcount(); /* downcast to std::streamsize is OK: gcount() returns how much we got in s[] */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->is);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1311:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(soap->recvfd, s, n);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:1822:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(p->string);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:2794:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3388:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0] + offset[0]);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3391:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3397:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0]);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3400:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3422:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->arrayOffset);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3461:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(attr);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3541:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:3542:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4018:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SSL_CTX_set_session_id_context(soap->ctx, (unsigned char*)sid, (unsigned int)strlen(sid));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4210:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(msg) + 1), "%s\n", msg);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4216:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4218:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4227:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s)), "%s", s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4233:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4242:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s) + 42), "Error observed by underlying SSL/TLS BIO: %s", s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:4674:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int)strlen(buf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:6443:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:6543:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7571:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s) - 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7623:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(soap->endpoint);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7706:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:7813:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8065:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8065:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8146:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->bearer);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8155:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->ntlm_challenge);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8179:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8179:91: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8180:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8188:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8188:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8189:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8209:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(action) + 2), "\"%s\"", action);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8229:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8286:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(http, sizeof(http), strlen(soap->http_version) + 5), "HTTP/%s", soap->http_version);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8314:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), sizeof(http) + 22 + strlen(line)), "%s %d %s", http, code, line);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8321:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF_SAFE(soap->tmpbuf, sizeof(soap->tmpbuf)), "Basic realm=\"%s\"", (soap->authrealm && strlen(soap->authrealm) + 14 < sizeof(soap->tmpbuf)) ? soap->authrealm : "gSOAP Web Service");
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8480:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8490:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t m = t ? strlen(t) : 0;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8491:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove(r + m - 1, soap->msgbuf + sizeof(soap->msgbuf) - (r + n + 1), r + k + 1, strlen(r + k + 1) + 1);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8500:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int m = (int)strlen(soap->msgbuf); /* msgbuf length is max SOAP_TMPLEN or just 1024 bytes */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8558:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = 3 * (int)strlen(s) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8608:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!path || (path && p->path && !strncmp(p->path, path, strlen(p->path)))))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8638:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8685:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8702:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(domain) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8711:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!path || strncmp(path, q->path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8719:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8755:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(q->name, name) && (!q->domain || !strcmp(q->domain, domain)) && (!q->path || !strncmp(q->path, path, strlen(q->path))))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8912:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3968 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8917:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8920:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3976 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8929:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8939:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8944:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:8974:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9035:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9048:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(hostent.h_name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9058:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!q->path || !strncmp(q->path, path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9066:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9068:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->value) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9070:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->path) + 9;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->domain) + 11;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9093:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9095:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->name && (s-tmp) + strlen(q->name) + (size_t)15 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9099:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->value && *q->value && (s-tmp) + strlen(q->value) + (size_t)16 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9104:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->path && (s-tmp) + strlen(q->path) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9107:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9109:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->domain && (s-tmp) + strlen(q->domain) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9112:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9189:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9216:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9231:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9253:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!p->expire && strlen(tmp) >= 23)
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9348:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9358:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9380:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->path) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9468:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->name) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9486:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->domain) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:9495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->path) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:10238:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->dime_id_format) + 20), soap->dime_id_format, id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:10274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(aid) - 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:10373:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:11650:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(logfile) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:11943:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_nlist) + strlen(nq->id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:11986:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_attribute) + strlen(tq->name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12614:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(little);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12680:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12682:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12721:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12911:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(ns->id) + 6), "xmlns:%s", ns->id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:12957:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:13027:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:13051:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:13358:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->tmpbuf[strlen(soap->tmpbuf) - 1] = '\0';
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:13401:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14145:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (value && tp->value && tp->size <= strlen(value))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14156:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14643:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:14713:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(soap->labbuf) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15176:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15184:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15200:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (int)strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15906:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15911:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:15919:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17420:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17471:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17560:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17626:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(q);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17636:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17830:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:17934:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (soap_append_lab(soap, NULL, sizeof(wchar_t) * (strlen(s) + 1)))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19101:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->id)+3)&(~3));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19103:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->type)+3)&(~3));
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19120:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 16 + strlen(content->type);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19124:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 29 + strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 14 + strlen(content->id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19130:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 20 + strlen(content->location);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19133:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 23 + strlen(content->description);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(option);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19202:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idlen = strlen(soap->dime.id);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19208:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
typelen = strlen(soap->dime.type);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19587:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = soap->msgbuf + strlen(soap->msgbuf) - 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:19919:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), prefix ? strlen(prefix) + 37 : 37), "%s%8.8x-%4.4hx-4%3.3hx-%4.4hx-%4.4hx%8.8x", prefix ? prefix : SOAP_STR_EOS, r1, (short)(r2 >> 16), (short)(((short)r2 >> 4) & 0x0FFF), (short)(((short)(r3 >> 16) & 0x3FFF) | 0x8000), (short)r3, r4);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20132:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20179:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->id, sizeof(soap->id), strlen(soap->dime_id_format) + 20), soap->dime_id_format, 0);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20192:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20293:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20328:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:20913:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(prefix);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21168:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = r + strlen(r) + 1;
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21178:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(endpoints);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21362:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = endpoints + strlen(endpoints);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21636:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (strlen(s) + 3) / 4 * 3 + 1; /* space for raw binary and \0 */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21753:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s) / 2 + 1; /* make sure enough space for \0 */
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21820:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->mime.boundary) + 53), "multipart/related; charset=utf-8; boundary=\"%s\"; type=\"", soap->mime.boundary);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21825:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21826:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21831:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21832:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(soap->mime.start) + 10), "\"; start=\"%s", soap->mime.start);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21836:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21837:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(r) + 15), "\"; start-info=\"%s", r);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21839:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21849:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21850:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(soap->action);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21943:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21943:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21943:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21945:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:21945:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22014:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 65), "The data in element '%s' must be understood but cannot be processed", soap->tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22032:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 66), "Method '%s' not implemented: method name or namespace not recognized", soap->tag);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22130:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), (soap->d_stream && soap->d_stream->msg ? strlen(soap->d_stream->msg) : 0) + 19), "Zlib/gzip error: '%s'", soap->d_stream && soap->d_stream->msg ? soap->d_stream->msg : SOAP_STR_EOS);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22171:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->msgbuf) + 25 < sizeof(soap->msgbuf))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22173:110: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove((void*)(soap->msgbuf + 25), sizeof(soap->tmpbuf) - 25, (const void*)soap->msgbuf, strlen(soap->msgbuf) + 1);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22198:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(t) + 54), "Error %d: HTTP %d %s", soap->error, soap->error, t);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22537:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22542:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22547:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22757:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22757:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22757:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp:22757:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1483:44: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strcpy(buf, len, src) (void)(strncpy((buf), (src), (len)), (buf)[(len) - 1] = '\0')
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1499:95: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strncpy(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > (size_t)(num) ? (strncpy((buf), (src), (num)), (buf)[(size_t)(num)] = '\0') : ((buf)[0] = '\0', 1)))
data/gsoap-2.8.104/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.h:1504:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define soap_strncat(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > strlen((buf)) + (size_t)(num) ? strncat_s((buf), (len), (src), (num)) : 1))
data/gsoap-2.8.104/gsoap/samples/databinding/address.cpp:212:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = buf + strlen(buf) - 1; s > buf; s--)
data/gsoap-2.8.104/gsoap/samples/dime/dimeclient.cpp:279:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, options + 4, len);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:309:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *s = (char*)soap_malloc(soap, strlen(TMPDIR) + strlen(name) + 2);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:309:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *s = (char*)soap_malloc(soap, strlen(TMPDIR) + strlen(name) + 2);
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:311:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "/");
data/gsoap-2.8.104/gsoap/samples/dime/dimeserver.cpp:335:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc(fd)) == EOF)
data/gsoap-2.8.104/gsoap/samples/factory/factory.cpp:142:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/samples/googleapi/gdm.cpp:125:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((useconds_t)(1000 * delay));
data/gsoap-2.8.104/gsoap/samples/googleapi/gdx.cpp:124:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((useconds_t)(1000 * delay));
data/gsoap-2.8.104/gsoap/samples/httpcookies/ckserver.cpp:143:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*r = (char*)soap_malloc(soap, strlen(buf)+1)))
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:457:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *file = soap_malloc(soap, strlen(TMPDIR) + 80);
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:467:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(file, "/");
data/gsoap-2.8.104/gsoap/samples/mtom-stream/mtom-stream-test.c:598:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ int n = strlen(file);
data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c:107:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data.choice.base64.__size = (int)strlen(argv[2]) + 1;
data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c:119:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data.choice.xop__Include.__size = (int)strlen(argv[2]) + 1;
data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c:147:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrap.Data[i].choice.base64.__size = (int)strlen(argv[i + 2]) + 1;
data/gsoap-2.8.104/gsoap/samples/mtom/mtom-test.c:174:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrap.Data[i].choice.xop__Include.__size = (int)strlen(argv[i + 2]) + 1;
data/gsoap-2.8.104/gsoap/samples/router/router.c:671:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t m = strlen(sender->endpoint);
data/gsoap-2.8.104/gsoap/samples/rss/rss.c:106:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ len = strlen(query);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(s);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:485:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(auth_userid);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:508:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(proxy_host);
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1052:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!t || strncmp(t, opt, strlen(opt)) || qperc == 100 || gen_random() % 100 < qperc)
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1183:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(s, opt, strlen(opt)))
data/gsoap-2.8.104/gsoap/samples/testmsgr/testmsgr.cpp:1899:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(r);
data/gsoap-2.8.104/gsoap/samples/varparam/varparam.cpp:468:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__size = strlen(s)+1;
data/gsoap-2.8.104/gsoap/samples/varparam/varparam.cpp:481:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__size = strlen(s)+1;
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:325:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(buf, ": unrecognized subject name", sizeof(buf)-strlen(buf)-1);
data/gsoap-2.8.104/gsoap/samples/wcf/Basic/MessageSecurity/calculator.cpp:325:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, ": unrecognized subject name", sizeof(buf)-strlen(buf)-1);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:77:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(options[n].value);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:372:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + strlen(val);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:372:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + strlen(val);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:383:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(val);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:447:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(val);
data/gsoap-2.8.104/gsoap/samples/webserver/options.c:458:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(val);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:825:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->endpoint, sizeof(soap->endpoint), strlen(soap->path) + 10), "http://genivia.com%s", soap->path + 8); /* redirect */
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1406:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
</table>", (unsigned long)pix, title && strlen(title) < 80 ? title : "", lab, color, (unsigned long)len * 2);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1440:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
<td bgcolor='#666666' valign='top'>%s</td>", title && strlen(title) < 80 ? title : "", (unsigned long)height + 50, (unsigned long)num + 1, (unsigned long)height, (unsigned long)height, lab);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1448:324: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
<td bgcolor='#FFFFFF'><a onmouseover=\"window.status='%lu';return true\" onmouseout=\"window.status='';return true\" href='#%s'><img src='top.gif' alt='' width='%lu' height='1' align='bottom' border='0'><br><img src='bar.gif' alt='' width='%lu' height='%lu' align='bottom' border='0'></a></td>", (unsigned long)i, title && strlen(title) < 80 ? title : "", (unsigned long)barwidth, (unsigned long)barwidth, bar - 1);
data/gsoap-2.8.104/gsoap/samples/webserver/webserver.c:1461:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
<td bgcolor='#666666'>%s</td>", (unsigned long)height, (unsigned long)height, title && strlen(title) < 80 ? title : "");
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:342:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (isdigit(argv[1][strlen(argv[1])-1]))
data/gsoap-2.8.104/gsoap/samples/wsse/wssedemo.c:344:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
runs = argv[1][strlen(argv[1])-1] - '0';
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:138:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (isdigit(argv[1][strlen(argv[1])-1]))
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.c:140:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
runs = argv[1][strlen(argv[1])-1] - '0';
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:136:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (isdigit(argv[1][strlen(argv[1])-1]))
data/gsoap-2.8.104/gsoap/samples/wst/wstdemo.cpp:138:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
runs = argv[1][strlen(argv[1])-1] - '0';
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/json-GoogleDistanceMatrix.cpp:122:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((useconds_t)(1000 * delay));
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp:347:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base64->__size = (int)strlen(s);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp:362:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base64->__size = (int)strlen(s);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp:377:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rawdata->__size = (int)strlen(s);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp:392:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rawdata->__size = (int)strlen(s);
data/gsoap-2.8.104/gsoap/samples/xml-rpc-json/xml-rpc.cpp:1139:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__size = (int)strlen(p);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:799:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(yyin); \
data/gsoap-2.8.104/gsoap/src/lex.yy.c:937:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/gsoap-2.8.104/gsoap/src/lex.yy.c:1380:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
{ strncpy(buf, s + 1, sizeof(buf));
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2130:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,strlen(yystr) );
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2514:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(yylval.s, yytext, strlen(yytext)-1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2514:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(yylval.s, yytext, strlen(yytext)-1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2515:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
yylval.s[strlen(yytext)-1] = '\0';
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2610:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2626:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2647:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2655:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(sp->URL) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2655:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(sp->URL) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2657:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, " ");
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2736:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2756:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2776:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2799:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2823:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2843:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2863:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2883:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2903:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2921:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2939:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2957:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2975:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:2993:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3011:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3029:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3050:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext+j, k-j);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3165:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, yytext + i, j - i);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3258:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+15);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3268:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3275:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(fullname)+1);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3284:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 4)
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3287:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(name); i++)
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3334:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, s, t - s);
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3342:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf) - 1;
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3345:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ":");
data/gsoap-2.8.104/gsoap/src/lex.yy.c:3366:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (struct importlist*)emalloc(sizeof(struct importlist) + strlen(file)); /* has already + 1 byte size */
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:152:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*dirpath && dirpath[strlen(dirpath)-1] != '/' && dirpath[strlen(dirpath)-1] != '\\')
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:152:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*dirpath && dirpath[strlen(dirpath)-1] != '/' && dirpath[strlen(dirpath)-1] != '\\')
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:259:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(importpath) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:259:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(importpath) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:396:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(importpath) + strlen(defimportpath) + 2);
data/gsoap-2.8.104/gsoap/src/soapcpp2.c:396:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ char *t = (char*)emalloc(strlen(importpath) + strlen(defimportpath) + 2);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:1530:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2679:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(s1) + strlen(s2) + 10);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2679:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(s1) + strlen(s2) + 10);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2726:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen((yyvsp[0].sym)->name) + 2);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2730:31: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, (yyvsp[0].sym)->name, s2 - (yyvsp[0].sym)->name + 1);
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2731:31: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "~");
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:2736:31: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "~");
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:5948:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t->width / ((Tnode*)t->ref)->width - 1 < (int)strlen(n->val.s))
data/gsoap-2.8.104/gsoap/src/soapcpp2_yacc.tab.c:6283:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t i = 0, j, n = strlen(fun->sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:388:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Symbol *p = (Symbol*)emalloc(sizeof(Symbol)+strlen(name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:533:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(sym->name) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:535:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:649:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(t, sym->name, s - sym->name);
data/gsoap-2.8.104/gsoap/src/symbol2.c:928:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(soapC, "C");
data/gsoap-2.8.104/gsoap/src/symbol2.c:3178:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)(strlen(s) - 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3188:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, s, i);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3275:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(tmpURI) + strlen(ns->name) + 6);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3275:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(tmpURI) + strlen(ns->name) + 6);
data/gsoap-2.8.104/gsoap/src/symbol2.c:3457:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ".");
data/gsoap-2.8.104/gsoap/src/symbol2.c:4456:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4480:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = (int)strlen(s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:4537:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-12)
data/gsoap-2.8.104/gsoap/src/symbol2.c:4563:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "0");
data/gsoap-2.8.104/gsoap/src/symbol2.c:4577:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "0");
data/gsoap-2.8.104/gsoap/src/symbol2.c:4648:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-12)
data/gsoap-2.8.104/gsoap/src/symbol2.c:5938:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(sp->protocol) > 6)
data/gsoap-2.8.104/gsoap/src/symbol2.c:5965:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(m->part) > 6)
data/gsoap-2.8.104/gsoap/src/symbol2.c:7978:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(sp->protocol) > 6)
data/gsoap-2.8.104/gsoap/src/symbol2.c:8003:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(m->part) > 6)
data/gsoap-2.8.104/gsoap/src/symbol2.c:10845:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11373:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(t, p->id->name, s - p->id->name + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11411:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:11425:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:11645:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s) - 1;
data/gsoap-2.8.104/gsoap/src/symbol2.c:11646:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(t) - 1;
data/gsoap-2.8.104/gsoap/src/symbol2.c:11669:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(s) - 1; n && s[n] == '_'; n--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:11671:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (m = strlen(t) - 1; m && t[m] == '_'; m--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:11695:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(ns)) < strlen(s))
data/gsoap-2.8.104/gsoap/src/symbol2.c:11695:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((n = strlen(ns)) < strlen(s))
data/gsoap-2.8.104/gsoap/src/symbol2.c:11720:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = emalloc(2*strlen(name) + 2*(t ? strlen(type) + 2 : 0) + 20);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11720:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = emalloc(2*strlen(name) + 2*(t ? strlen(type) + 2 : 0) + 20);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11732:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11836:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r, s, t - s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11876:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(namespaceid) + 12);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11876:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(namespaceid) + 12);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11879:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11883:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + 11);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11898:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11898:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11898:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + strlen(namespaceid) + 14);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11901:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11905:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + 13);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11905:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(t) + strlen(n) + 13);
data/gsoap-2.8.104/gsoap/src/symbol2.c:11909:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:11991:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((10+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:11996:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((16+strlen(c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12005:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((11+strlen(res_remove(typ->id->name))+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12005:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((11+strlen(res_remove(typ->id->name))+strlen(q = c_ident((Tnode*)typ->ref))) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12084:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = strlen(tag); n > 0; n--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:12109:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12120:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12150:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12161:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(d, tag+i+2, 4);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12185:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(tag) + 1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12264:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(r) + 3);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12265:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "\"");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12267:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "\"");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12279:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(r) + 3);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12280:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, "\"");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12282:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "\"");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12307:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(n) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12307:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(n) + strlen(s) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12309:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12320:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (r = s+strlen(s)-1; r > s; r--)
data/gsoap-2.8.104/gsoap/src/symbol2.c:12349:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12351:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(n + strlen(suffix) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12365:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "_");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12374:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char*)emalloc(strlen(tag) + 1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12433:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tag && type && !strncmp(tag, type, n = strlen(type)) && strlen(tag) > n + 2 && tag[n] == '_' && tag[n + 1] == '_')
data/gsoap-2.8.104/gsoap/src/symbol2.c:12433:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tag && type && !strncmp(tag, type, n = strlen(type)) && strlen(tag) > n + 2 && tag[n] == '_' && tag[n + 1] == '_')
data/gsoap-2.8.104/gsoap/src/symbol2.c:12586:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+strlen(ns_convert(ns))+13);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12586:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+strlen(ns_convert(ns))+13);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12588:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12593:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc(strlen(s)+12);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12599:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(t+strlen(t), "%dD", d);
data/gsoap-2.8.104/gsoap/src/symbol2.c:12677:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(c_ident(typ))+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12677:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(c_ident(typ))+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12679:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12697:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(typ->id->name)+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12697:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)emalloc((strlen(ns_convert(ns))+strlen(typ->id->name)+2) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12699:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, ":");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12828:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12836:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12844:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((6+strlen(q)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12861:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "(");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12878:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ")");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12883:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref)) + strlen(r = ident(typ->id->name)) + 4) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12883:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref)) + strlen(r = ident(typ->id->name)) + 4) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:12885:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "<");
data/gsoap-2.8.104/gsoap/src/symbol2.c:12992:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (is_stdstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-6)
data/gsoap-2.8.104/gsoap/src/symbol2.c:12994:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (is_stdwstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-7)
data/gsoap-2.8.104/gsoap/src/symbol2.c:12996:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (is_wstring(p) && e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-17)
data/gsoap-2.8.104/gsoap/src/symbol2.c:12998:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (e->info.val.s && strlen(e->info.val.s) < sizeof(buf)-13)
data/gsoap-2.8.104/gsoap/src/symbol2.c:13033:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13038:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13043:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(9+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13048:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(7+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13053:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(5+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13058:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(6+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13063:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13068:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(7+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13073:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13078:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(13+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13083:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(15+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13088:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(16+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13093:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(14+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13098:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(15+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13103:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(9+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13108:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13113:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(8+strlen(id));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13119:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((9+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13119:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((9+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13122:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13127:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((2+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13127:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((2+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13129:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13134:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13134:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((8+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13137:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13143:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(id)+6)* sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13149:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13149:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13152:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13157:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13157:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((7+strlen(q)+strlen(id)) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13159:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13163:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13168:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13173:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(id)+3);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13182:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((12+strlen(q = c_type_id((Tnode*)typ->ref, id))) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13203:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "(");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13217:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ")");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13222:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13222:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13222:95: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc((strlen(q = c_type((Tnode*)typ->ref))+strlen(ident(typ->id->name))+strlen(id)+4) * sizeof(char));
data/gsoap-2.8.104/gsoap/src/symbol2.c:13224:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "<");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13252:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = (char*)emalloc(strlen(synonym) + strlen(id) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13252:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = (char*)emalloc(strlen(synonym) + strlen(id) + 2);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13254:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, " ");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13287:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(s)+cardinality+3);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13291:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "[");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13294:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "]");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13330:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (char*)emalloc(strlen(s)+cardinality*2+1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:13334:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "[");
data/gsoap-2.8.104/gsoap/src/symbol2.c:13337:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, "]");
data/gsoap-2.8.104/gsoap/src/symbol2.c:17004:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(d * (strlen(a) + 16) + 1);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17008:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17048:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(ident(typ->id->name));
data/gsoap-2.8.104/gsoap/src/symbol2.c:17647:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(type) + strlen(name) + 6);
data/gsoap-2.8.104/gsoap/src/symbol2.c:17647:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = (char*)emalloc(strlen(type) + strlen(name) + 6);
data/gsoap-2.8.104/gsoap/stdsoap2.c:932:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DBGMSG(SENT, t, strlen(t));
data/gsoap-2.8.104/gsoap/stdsoap2.c:933:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->error = soap->fsend(soap, t, strlen(t));
data/gsoap-2.8.104/gsoap/stdsoap2.c:953:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return soap_send_raw(soap, s, strlen(s));
data/gsoap-2.8.104/gsoap/stdsoap2.c:1044:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.c:1063:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.c:1138:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (size_t)soap->is->read(s, (std::streamsize)n).gcount(); /* downcast to std::streamsize is OK: gcount() returns how much we got in s[] */
data/gsoap-2.8.104/gsoap/stdsoap2.c:1144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->is);
data/gsoap-2.8.104/gsoap/stdsoap2.c:1311:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(soap->recvfd, s, n);
data/gsoap-2.8.104/gsoap/stdsoap2.c:1822:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(p->string);
data/gsoap-2.8.104/gsoap/stdsoap2.c:2794:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:3388:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0] + offset[0]);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3391:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3397:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0]);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3400:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3422:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->arrayOffset);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3461:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(attr);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3541:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:3542:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:4018:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SSL_CTX_set_session_id_context(soap->ctx, (unsigned char*)sid, (unsigned int)strlen(sid));
data/gsoap-2.8.104/gsoap/stdsoap2.c:4210:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(msg) + 1), "%s\n", msg);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4216:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4218:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4227:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s)), "%s", s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4233:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4242:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s) + 42), "Error observed by underlying SSL/TLS BIO: %s", s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:4674:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int)strlen(buf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:6443:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/stdsoap2.c:6543:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/stdsoap2.c:7571:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:7623:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(soap->endpoint);
data/gsoap-2.8.104/gsoap/stdsoap2.c:7706:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.c:7813:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.c:8065:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8065:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8146:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->bearer);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8155:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->ntlm_challenge);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8179:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8179:91: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8180:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/stdsoap2.c:8188:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8188:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8189:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/stdsoap2.c:8209:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(action) + 2), "\"%s\"", action);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8229:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8286:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(http, sizeof(http), strlen(soap->http_version) + 5), "HTTP/%s", soap->http_version);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8314:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), sizeof(http) + 22 + strlen(line)), "%s %d %s", http, code, line);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8321:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF_SAFE(soap->tmpbuf, sizeof(soap->tmpbuf)), "Basic realm=\"%s\"", (soap->authrealm && strlen(soap->authrealm) + 14 < sizeof(soap->tmpbuf)) ? soap->authrealm : "gSOAP Web Service");
data/gsoap-2.8.104/gsoap/stdsoap2.c:8480:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8490:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t m = t ? strlen(t) : 0;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8491:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove(r + m - 1, soap->msgbuf + sizeof(soap->msgbuf) - (r + n + 1), r + k + 1, strlen(r + k + 1) + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8500:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int m = (int)strlen(soap->msgbuf); /* msgbuf length is max SOAP_TMPLEN or just 1024 bytes */
data/gsoap-2.8.104/gsoap/stdsoap2.c:8558:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = 3 * (int)strlen(s) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8608:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!path || (path && p->path && !strncmp(p->path, path, strlen(p->path)))))
data/gsoap-2.8.104/gsoap/stdsoap2.c:8638:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8685:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8702:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(domain) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8711:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!path || strncmp(path, q->path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/stdsoap2.c:8719:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:8755:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(q->name, name) && (!q->domain || !strcmp(q->domain, domain)) && (!q->path || !strncmp(q->path, path, strlen(q->path))))
data/gsoap-2.8.104/gsoap/stdsoap2.c:8912:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3968 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:8917:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8920:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3976 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:8929:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8939:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8944:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:8974:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9035:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9048:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(hostent.h_name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9058:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!q->path || !strncmp(q->path, path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/stdsoap2.c:9066:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9068:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9070:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->path) + 9;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->domain) + 11;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9093:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9095:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->name && (s-tmp) + strlen(q->name) + (size_t)15 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:9099:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->value && *q->value && (s-tmp) + strlen(q->value) + (size_t)16 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:9104:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->path && (s-tmp) + strlen(q->path) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:9107:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9109:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->domain && (s-tmp) + strlen(q->domain) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.c:9112:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:9164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9189:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9216:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9231:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9253:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!p->expire && strlen(tmp) >= 23)
data/gsoap-2.8.104/gsoap/stdsoap2.c:9348:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9358:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9380:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9468:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->name) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9486:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->domain) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:9495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:10238:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->dime_id_format) + 20), soap->dime_id_format, id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:10274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(aid) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:10373:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:11650:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(logfile) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:11943:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_nlist) + strlen(nq->id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:11986:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_attribute) + strlen(tq->name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:12614:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(little);
data/gsoap-2.8.104/gsoap/stdsoap2.c:12680:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:12682:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:12721:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:12911:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(ns->id) + 6), "xmlns:%s", ns->id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:12957:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:13027:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:13051:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:13358:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->tmpbuf[strlen(soap->tmpbuf) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.c:13401:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:14072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:14145:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (value && tp->value && tp->size <= strlen(value))
data/gsoap-2.8.104/gsoap/stdsoap2.c:14156:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:14643:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:14713:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(soap->labbuf) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:15171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15176:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15184:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15200:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (int)strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15906:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15911:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/stdsoap2.c:15919:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17420:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17471:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17560:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17626:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(q);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17636:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17830:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.c:17934:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (soap_append_lab(soap, NULL, sizeof(wchar_t) * (strlen(s) + 1)))
data/gsoap-2.8.104/gsoap/stdsoap2.c:19101:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->id)+3)&(~3));
data/gsoap-2.8.104/gsoap/stdsoap2.c:19103:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->type)+3)&(~3));
data/gsoap-2.8.104/gsoap/stdsoap2.c:19111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19120:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 16 + strlen(content->type);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19124:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 29 + strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 14 + strlen(content->id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19130:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 20 + strlen(content->location);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19133:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 23 + strlen(content->description);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(option);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19202:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idlen = strlen(soap->dime.id);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19208:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
typelen = strlen(soap->dime.type);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19587:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = soap->msgbuf + strlen(soap->msgbuf) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:19866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:19919:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), prefix ? strlen(prefix) + 37 : 37), "%s%8.8x-%4.4hx-4%3.3hx-%4.4hx-%4.4hx%8.8x", prefix ? prefix : SOAP_STR_EOS, r1, (short)(r2 >> 16), (short)(((short)r2 >> 4) & 0x0FFF), (short)(((short)(r3 >> 16) & 0x3FFF) | 0x8000), (short)r3, r4);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.c:20132:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.c:20179:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->id, sizeof(soap->id), strlen(soap->dime_id_format) + 20), soap->dime_id_format, 0);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20192:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20293:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20328:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.c:20913:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(prefix);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21168:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = r + strlen(r) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.c:21178:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(endpoints);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21362:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = endpoints + strlen(endpoints);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21636:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (strlen(s) + 3) / 4 * 3 + 1; /* space for raw binary and \0 */
data/gsoap-2.8.104/gsoap/stdsoap2.c:21753:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s) / 2 + 1; /* make sure enough space for \0 */
data/gsoap-2.8.104/gsoap/stdsoap2.c:21820:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->mime.boundary) + 53), "multipart/related; charset=utf-8; boundary=\"%s\"; type=\"", soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21825:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21826:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21831:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21832:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(soap->mime.start) + 10), "\"; start=\"%s", soap->mime.start);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21836:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21837:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(r) + 15), "\"; start-info=\"%s", r);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21839:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21849:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21850:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(soap->action);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21943:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21943:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21943:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21945:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:21945:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22014:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 65), "The data in element '%s' must be understood but cannot be processed", soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22032:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 66), "Method '%s' not implemented: method name or namespace not recognized", soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22130:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), (soap->d_stream && soap->d_stream->msg ? strlen(soap->d_stream->msg) : 0) + 19), "Zlib/gzip error: '%s'", soap->d_stream && soap->d_stream->msg ? soap->d_stream->msg : SOAP_STR_EOS);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22171:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->msgbuf) + 25 < sizeof(soap->msgbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.c:22173:110: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove((void*)(soap->msgbuf + 25), sizeof(soap->tmpbuf) - 25, (const void*)soap->msgbuf, strlen(soap->msgbuf) + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22198:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(t) + 54), "Error %d: HTTP %d %s", soap->error, soap->error, t);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22537:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22542:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22547:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22757:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22757:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22757:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.c:22757:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:932:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DBGMSG(SENT, t, strlen(t));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:933:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->error = soap->fsend(soap, t, strlen(t));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:953:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return soap_send_raw(soap, s, strlen(s));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1044:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1063:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*s = (char*)soap_query_decode(t, strlen(t), t + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1138:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (size_t)soap->is->read(s, (std::streamsize)n).gcount(); /* downcast to std::streamsize is OK: gcount() returns how much we got in s[] */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->is);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1311:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(soap->recvfd, s, n);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:1822:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(p->string);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:2794:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3388:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0] + offset[0]);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3391:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3397:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->type, sizeof(soap->type) - 1, strlen(type) + 20), "%s[%d", type, size[0]);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3400:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->type);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3422:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->arrayOffset);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3461:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(attr);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3541:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:3542:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4018:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SSL_CTX_set_session_id_context(soap->ctx, (unsigned char*)sid, (unsigned int)strlen(sid));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4210:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(msg) + 1), "%s\n", msg);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4216:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4218:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4227:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s)), "%s", s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4233:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4242:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf + l, sizeof(soap->msgbuf) - l, strlen(s) + 42), "Error observed by underlying SSL/TLS BIO: %s", s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:4674:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int)strlen(buf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:6443:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:6543:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(soap->pipe_fd[0], &ch, 1) == -1)
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7571:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7623:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(soap->endpoint);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7706:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:7813:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->action[strlen(soap->action) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8065:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8065:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(endpoint) + strlen(soap->http_version) + 80;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8146:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->bearer);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8155:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->ntlm_challenge);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8179:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8179:91: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->userid) + strlen(soap->passwd) + 1), "%s:%s", soap->userid, soap->passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8180:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8188:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8188:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + 262, sizeof(soap->tmpbuf) - 262, strlen(soap->proxy_userid) + strlen(soap->proxy_passwd) + 1), "%s:%s", soap->proxy_userid, soap->proxy_passwd);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8189:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap_s2base64(soap, (const unsigned char*)(soap->tmpbuf + 262), soap->tmpbuf + 6, (int)strlen(soap->tmpbuf + 262));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8209:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(action) + 2), "\"%s\"", action);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8229:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = s + strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8286:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(http, sizeof(http), strlen(soap->http_version) + 5), "HTTP/%s", soap->http_version);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8314:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), sizeof(http) + 22 + strlen(line)), "%s %d %s", http, code, line);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8321:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF_SAFE(soap->tmpbuf, sizeof(soap->tmpbuf)), "Basic realm=\"%s\"", (soap->authrealm && strlen(soap->authrealm) + 14 < sizeof(soap->tmpbuf)) ? soap->authrealm : "gSOAP Web Service");
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8480:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8490:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t m = t ? strlen(t) : 0;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8491:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove(r + m - 1, soap->msgbuf + sizeof(soap->msgbuf) - (r + n + 1), r + k + 1, strlen(r + k + 1) + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8500:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int m = (int)strlen(soap->msgbuf); /* msgbuf length is max SOAP_TMPLEN or just 1024 bytes */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8558:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = 3 * (int)strlen(s) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8608:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!path || (path && p->path && !strncmp(p->path, path, strlen(p->path)))))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8638:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8685:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8702:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(domain) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8711:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!path || strncmp(path, q->path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8719:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8755:118: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(q->name, name) && (!q->domain || !strcmp(q->domain, domain)) && (!q->path || !strncmp(q->path, path, strlen(q->path))))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8912:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3968 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8917:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8920:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (t && (int)strlen(t) < 3976 - (int)(s-tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8929:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8939:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8944:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:8974:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9035:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9048:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(hostent.h_name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9058:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!q->path || !strncmp(q->path, path, strlen(q->path)))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9066:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9068:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += 3*strlen(q->value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9070:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->path) + 9;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n += strlen(q->domain) + 11;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9093:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9095:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->name && (s-tmp) + strlen(q->name) + (size_t)15 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9099:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->value && *q->value && (s-tmp) + strlen(q->value) + (size_t)16 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9104:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->path && (s-tmp) + strlen(q->path) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9107:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9109:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (q->domain && (s-tmp) + strlen(q->domain) + (size_t)36 < sizeof(tmp))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9112:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9189:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9216:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9231:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9253:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!p->expire && strlen(tmp) >= 23)
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9348:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9358:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(tmp) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9380:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9468:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->name) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9486:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->domain) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:9495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(p->path) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:10238:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->dime_id_format) + 20), soap->dime_id_format, id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:10274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(aid) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:10373:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:11650:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(logfile) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:11943:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_nlist) + strlen(nq->id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:11986:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = sizeof(struct soap_attribute) + strlen(tq->name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12614:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(little);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12680:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12682:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(ns) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12721:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12911:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(ns->id) + 6), "xmlns:%s", ns->id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:12957:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:13027:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:13051:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:13358:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->tmpbuf[strlen(soap->tmpbuf) - 1] = '\0';
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:13401:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(np->id) + 6), "xmlns:%s", np->id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14072:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14145:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (value && tp->value && tp->size <= strlen(value))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14156:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(value) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14643:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:14713:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp->size = strlen(soap->labbuf) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15176:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15184:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15200:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = (int)strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15906:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15911:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(tp->name);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:15919:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(tp->value);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17420:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17471:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17560:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17626:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(q);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17636:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17643:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17830:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(r);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:17934:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (soap_append_lab(soap, NULL, sizeof(wchar_t) * (strlen(s) + 1)))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19101:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->id)+3)&(~3));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19103:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += ((strlen(content->type)+3)&(~3));
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19120:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 16 + strlen(content->type);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19124:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 29 + strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 14 + strlen(content->id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19130:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 20 + strlen(content->location);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19133:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += 23 + strlen(content->description);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19172:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(option);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19202:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idlen = strlen(soap->dime.id);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19208:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
typelen = strlen(soap->dime.type);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19587:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = soap->msgbuf + strlen(soap->msgbuf) - 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:19919:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), prefix ? strlen(prefix) + 37 : 37), "%s%8.8x-%4.4hx-4%3.3hx-%4.4hx-%4.4hx%8.8x", prefix ? prefix : SOAP_STR_EOS, r1, (short)(r2 >> 16), (short)(((short)r2 >> 4) & 0x0FFF), (short)(((short)(r3 >> 16) & 0x3FFF) | 0x8000), (short)r3, r4);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20132:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->mime.boundary) + strlen(soap->mime.start) + 140 > sizeof(soap->tmpbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20179:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->id, sizeof(soap->id), strlen(soap->dime_id_format) + 20), soap->dime_id_format, 0);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20192:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
soap->count += 12 + ((strlen(soap->dime.id)+3)&(~3)) + (soap->dime.type ? ((strlen(soap->dime.type)+3)&(~3)) : 0);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20293:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20328:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:20913:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(prefix);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21168:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = r + strlen(r) + 1;
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21178:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(endpoints);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21362:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = endpoints + strlen(endpoints);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21636:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = (strlen(s) + 3) / 4 * 3 + 1; /* space for raw binary and \0 */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21753:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(s) / 2 + 1; /* make sure enough space for \0 */
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21820:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf, sizeof(soap->tmpbuf), strlen(soap->mime.boundary) + 53), "multipart/related; charset=utf-8; boundary=\"%s\"; type=\"", soap->mime.boundary);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21825:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(s);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21826:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21831:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21832:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(soap->mime.start) + 10), "\"; start=\"%s", soap->mime.start);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21836:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21837:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->tmpbuf + l, sizeof(soap->tmpbuf) - l, strlen(r) + 15), "\"; start-info=\"%s", r);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21839:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21849:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->tmpbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21850:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(soap->action);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21943:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21943:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21943:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + strlen(soap->tag) + 47), "Validation constraint violation: %s%s in element '%s'", s, t, soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21945:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:21945:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(s) + strlen(t) + 33), "Validation constraint violation: %s%s", s, t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22014:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 65), "The data in element '%s' must be understood but cannot be processed", soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22032:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(soap->tag) + 66), "Method '%s' not implemented: method name or namespace not recognized", soap->tag);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22130:99: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), (soap->d_stream && soap->d_stream->msg ? strlen(soap->d_stream->msg) : 0) + 19), "Zlib/gzip error: '%s'", soap->d_stream && soap->d_stream->msg ? soap->d_stream->msg : SOAP_STR_EOS);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22171:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(soap->msgbuf) + 25 < sizeof(soap->msgbuf))
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22173:110: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)soap_memmove((void*)(soap->msgbuf + 25), sizeof(soap->tmpbuf) - 25, (const void*)soap->msgbuf, strlen(soap->msgbuf) + 1);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22198:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(soap->msgbuf, sizeof(soap->msgbuf), strlen(t) + 54), "Error %d: HTTP %d %s", soap->error, soap->error, t);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22537:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22542:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22547:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap->msgbuf);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22757:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22757:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22757:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.cpp:22757:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, len, strlen(*c) + strlen(v) + strlen(s) + strlen(d) + 72), "%s%d fault %s [%s]\n\"%s\"\nDetail: %s\n", soap->version ? "SOAP 1." : "Error ", soap->version ? (int)soap->version : soap->error, *c, v, s, d);
data/gsoap-2.8.104/gsoap/stdsoap2.h:1483:44: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strcpy(buf, len, src) (void)(strncpy((buf), (src), (len)), (buf)[(len) - 1] = '\0')
data/gsoap-2.8.104/gsoap/stdsoap2.h:1499:95: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
# define soap_strncpy(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > (size_t)(num) ? (strncpy((buf), (src), (num)), (buf)[(size_t)(num)] = '\0') : ((buf)[0] = '\0', 1)))
data/gsoap-2.8.104/gsoap/stdsoap2.h:1504:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define soap_strncat(buf, len, src, num) ((buf) == NULL || ((size_t)(len) > strlen((buf)) + (size_t)(num) ? strncat_s((buf), (len), (src), (num)) : 1))
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:112:3: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(cwd, loc, relloc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:407:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int xs__schema::read(const char *cwd, const char *loc, const char *relloc)
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:455:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:455:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:461:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:484:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:484:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:495:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:508:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:508:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:511:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:523:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:523:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:526:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:559:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, soap->endpoint, NULL);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:578:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, loc, NULL);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:706:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = n + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:837:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
schemaRef->read(schema.sourceLocation(), schemaLocation, relative_schemaLocation);
data/gsoap-2.8.104/gsoap/wsdl/schema.cpp:1336:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
schemaRef->read(schema.sourceLocation(), schemaLocation, relative_schemaLocation);
data/gsoap-2.8.104/gsoap/wsdl/schema.h:611:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char*, const char*, const char*);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:110:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((*binding).wsoap__version && strlen((*binding).wsoap__version) > 2)
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:125:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen((*binding).portTypePtr()->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:136:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| (strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:137:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/"))))
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:327:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:327:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:332:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:450:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:451:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/")))
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:517:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:517:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:517:107: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:640:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->action);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:651:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:651:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:651:111: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:689:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->output->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:787:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:787:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen(binding_name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:792:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:886:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (!strcmp(soap__binding_transport+strlen(soap__binding_transport)-4, "http")
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:887:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strcmp(soap__binding_transport+strlen(soap__binding_transport)-5, "HTTP/")))
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:955:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:955:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:955:107: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(definitions.targetNamespace) + strlen((*binding).portTypePtr()->name) + strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1015:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(op->output->name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1305:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(ext_fault.wsoap__code);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1307:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(ext_fault.wsoap__subcodes);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1366:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(prefix);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1406:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1426:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1647:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + strlen(fullpath) + 2;
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1647:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(path) + strlen(fullpath) + 2;
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:1752:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(*u);
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4279:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(uri) + 2*n;
data/gsoap-2.8.104/gsoap/wsdl/service.cpp:4306:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(*u);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:175:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int Types::read(const char *file)
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:186:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, sizeof(buf), strlen(import_path) + strlen(file) + 1), "%s/%s", import_path, file);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:186:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SOAP_SNPRINTF(buf, sizeof(buf), strlen(import_path) + strlen(file) + 1), "%s/%s", import_path, file);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:266:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t) + strlen(def);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:266:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t) + strlen(def);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:316:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri[strlen(uri) - 1] = '\0';
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:321:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri[strlen(uri) - 1] = '\0';
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:418:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(soap_context) + 67;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:622:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(mapfile))
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:655:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:667:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:801:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(prefix + 1);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:885:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:891:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:945:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:995:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1010:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1048:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t k = strlen(r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1049:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1083:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1170:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1171:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(r);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1181:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1184:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1238:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1240:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1246:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1273:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1281:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1301:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(name) + 1;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1303:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(*i) + 1;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1309:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(t);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1338:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(type) + strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1338:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(type) + strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1829:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(format);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:1836:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(format);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:3227:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4180:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(t);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4263:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t w = strlen((*i1)->name) + 3;
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4601:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4606:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4608:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fd);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4880:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*s || strlen(s) > 20)
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4903:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*s || strlen(s) > 20)
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4983:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/gsoap-2.8.104/gsoap/wsdl/types.cpp:4991:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = (char*)emalloc(strlen(s) + 1);
data/gsoap-2.8.104/gsoap/wsdl/types.h:76:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char *file);
data/gsoap-2.8.104/gsoap/wsdl/wadl.cpp:498:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = s ? s - t : strlen(t);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:46:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:68:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*i) == n && !strncmp(QName + 1, *i, n))
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:78:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI) + strlen(name) + 3;
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:78:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(URI) + strlen(name) + 3;
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:164:3: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(cwd, loc, relloc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:181:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int wsdl__definitions::read(int num, char **loc)
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:184:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(NULL, NULL, NULL);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:186:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(NULL, loc[0], NULL);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:199:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int wsdl__definitions::read(const char *cwd, const char *loc, const char *relloc)
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:247:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:247:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:253:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:276:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:276:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(cwd) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:287:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:300:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:300:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:303:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:315:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:315:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(import_path) + strlen(relloc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:318:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(location);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:399:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, soap->endpoint, NULL);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:418:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(cwd, loc, NULL);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:693:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = n + strlen(loc);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.cpp:2128:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
definitionsRef->read(source, location, relative_location);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.h:402:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(int, char**);
data/gsoap-2.8.104/gsoap/wsdl/wsdl.h:403:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(const char*, const char*, const char*);
data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp:175:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
definitions.read(infiles, infile);
data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp:415:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(proxy_host);
data/gsoap-2.8.104/gsoap/wsdl/wsdl2h.cpp:623:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(infile[0]);
ANALYSIS SUMMARY:
Hits = 3795
Lines analyzed = 386648 in approximately 14.14 seconds (27342 lines/second)
Physical Source Lines of Code (SLOC) = 269271
Hits@level = [0] 12744 [1] 1626 [2] 922 [3] 43 [4] 1204 [5] 0
Hits@level+ = [0+] 16539 [1+] 3795 [2+] 2169 [3+] 1247 [4+] 1204 [5+] 0
Hits/KSLOC@level+ = [0+] 61.4214 [1+] 14.0936 [2+] 8.05508 [3+] 4.63102 [4+] 4.47133 [5+] 0
Dot directories skipped = 48 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.