Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/harp-1.12/netcdf/v1hpg.c
Examining data/harp-1.12/netcdf/posixio.c
Examining data/harp-1.12/netcdf/utf8proc.c
Examining data/harp-1.12/netcdf/error.c
Examining data/harp-1.12/netcdf/onstack.h
Examining data/harp-1.12/netcdf/putget.c
Examining data/harp-1.12/netcdf/fbits.h
Examining data/harp-1.12/netcdf/ncx.c
Examining data/harp-1.12/netcdf/nc.h
Examining data/harp-1.12/netcdf/harp_netcdf_mangle.h
Examining data/harp-1.12/netcdf/v2i.c
Examining data/harp-1.12/netcdf/var.c
Examining data/harp-1.12/netcdf/libvers.c
Examining data/harp-1.12/netcdf/rnd.h
Examining data/harp-1.12/netcdf/netcdf.h
Examining data/harp-1.12/netcdf/ncx.h
Examining data/harp-1.12/netcdf/dim.c
Examining data/harp-1.12/netcdf/ncio.h
Examining data/harp-1.12/netcdf/utf8proc_data.h
Examining data/harp-1.12/netcdf/nc3local.h
Examining data/harp-1.12/netcdf/utf8proc.h
Examining data/harp-1.12/netcdf/string.c
Examining data/harp-1.12/netcdf/attr.c
Examining data/harp-1.12/netcdf/nc3convert.h
Examining data/harp-1.12/netcdf/nc.c
Examining data/harp-1.12/udunits2/idToUnitMap.c
Examining data/harp-1.12/udunits2/prefix.c
Examining data/harp-1.12/udunits2/status.c
Examining data/harp-1.12/udunits2/converter.h
Examining data/harp-1.12/udunits2/converter.c
Examining data/harp-1.12/udunits2/idToUnitMap.h
Examining data/harp-1.12/udunits2/error.c
Examining data/harp-1.12/udunits2/unitToIdMap.c
Examining data/harp-1.12/udunits2/xml.c
Examining data/harp-1.12/udunits2/unitAndId.h
Examining data/harp-1.12/udunits2/formatter.c
Examining data/harp-1.12/udunits2/tsearch.h
Examining data/harp-1.12/udunits2/harp_udunits2_mangle.h
Examining data/harp-1.12/udunits2/unitcore.c
Examining data/harp-1.12/udunits2/tsearch.c
Examining data/harp-1.12/udunits2/unitToIdMap.h
Examining data/harp-1.12/udunits2/udunits2.h
Examining data/harp-1.12/udunits2/ut_free_system.c
Examining data/harp-1.12/udunits2/systemMap.h
Examining data/harp-1.12/udunits2/unitAndId.c
Examining data/harp-1.12/udunits2/systemMap.c
Examining data/harp-1.12/udunits2/prefix.h
Examining data/harp-1.12/realloc.c
Examining data/harp-1.12/strncasecmp.c
Examining data/harp-1.12/tools/harpmerge/harpmerge.c
Examining data/harp-1.12/tools/harpcollocate/harpcollocate-resample.c
Examining data/harp-1.12/tools/harpcollocate/harpcollocate-update.c
Examining data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c
Examining data/harp-1.12/tools/harpcollocate/harpcollocate.c
Examining data/harp-1.12/tools/harpcheck/harpcheck.c
Examining data/harp-1.12/tools/harpdump/harpdump.c
Examining data/harp-1.12/tools/harpconvert/harpconvert.c
Examining data/harp-1.12/R/harp.c
Examining data/harp-1.12/expat/xmlrole.h
Examining data/harp-1.12/expat/siphash.h
Examining data/harp-1.12/expat/xmltok.h
Examining data/harp-1.12/expat/xmltok_impl.c
Examining data/harp-1.12/expat/xmltok.c
Examining data/harp-1.12/expat/ascii.h
Examining data/harp-1.12/expat/nametab.h
Examining data/harp-1.12/expat/internal.h
Examining data/harp-1.12/expat/iasciitab.h
Examining data/harp-1.12/expat/harp_expat_mangle.h
Examining data/harp-1.12/expat/expat_external.h
Examining data/harp-1.12/expat/latin1tab.h
Examining data/harp-1.12/expat/loadlibrary.c
Examining data/harp-1.12/expat/expat.h
Examining data/harp-1.12/expat/xmltok_ns.c
Examining data/harp-1.12/expat/utf8tab.h
Examining data/harp-1.12/expat/xmlparse.c
Examining data/harp-1.12/expat/xmltok_impl.h
Examining data/harp-1.12/expat/asciitab.h
Examining data/harp-1.12/expat/xmlrole.c
Examining data/harp-1.12/vsnprintf.c
Examining data/harp-1.12/strcasecmp.c
Examining data/harp-1.12/idl/harp_idl.c
Examining data/harp-1.12/strdup.c
Examining data/harp-1.12/libharp/harp-dimension-mask.c
Examining data/harp-1.12/libharp/harp.c
Examining data/harp-1.12/libharp/harp-ingest-s5p_l1b.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-lidar.c
Examining data/harp-1.12/libharp/harp-errno.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-ftir.c
Examining data/harp-1.12/libharp/harp-filter.c
Examining data/harp-1.12/libharp/harp-hdf5.c
Examining data/harp-1.12/libharp/harp-ingestion-doc.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-sonde.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l2_aerosol.c
Examining data/harp-1.12/libharp/harp-program.c
Examining data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c
Examining data/harp-1.12/libharp/harp-internal.h
Examining data/harp-1.12/libharp/harp-ingest-aeolus_l2a.c
Examining data/harp-1.12/libharp/harp-derived-variable-list.c
Examining data/harp-1.12/libharp/harp-ingest-sciamachy_l1.c
Examining data/harp-1.12/libharp/harp-csv.c
Examining data/harp-1.12/libharp/harp-operation.c
Examining data/harp-1.12/libharp/harp-csv.h
Examining data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c
Examining data/harp-1.12/libharp/harp-regrid.c
Examining data/harp-1.12/libharp/harp-ingest-iasi_l1.c
Examining data/harp-1.12/libharp/harp-variable.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l2_ghg.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l4_o3_np.c
Examining data/harp-1.12/libharp/harp-ingest-temis.c
Examining data/harp-1.12/libharp/harp-area-mask.c
Examining data/harp-1.12/libharp/harp-ingest-ecmwf-grib.c
Examining data/harp-1.12/libharp/harp-ingest-aeolus_l1b.c
Examining data/harp-1.12/libharp/harp-derived-variable.c
Examining data/harp-1.12/libharp/harp-ingest-gomos_l2.c
Examining data/harp-1.12/libharp/harp-ingest-cloudnet_l2.c
Examining data/harp-1.12/libharp/harp-ingest-sciamachy_l2.c
Examining data/harp-1.12/libharp/harp-filter-collocation.c
Examining data/harp-1.12/libharp/harp-filter-collocation.h
Examining data/harp-1.12/libharp/harp-ingest-calipso_l2.c
Examining data/harp-1.12/libharp/harp-area-mask.h
Examining data/harp-1.12/libharp/hashtable.h
Examining data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c
Examining data/harp-1.12/libharp/harp-product-metadata.c
Examining data/harp-1.12/libharp/harp-ingest-osiris_l2.c
Examining data/harp-1.12/libharp/harp-ingestion.h
Examining data/harp-1.12/libharp/harp-aux-afgl86.c
Examining data/harp-1.12/libharp/harp-program.h
Examining data/harp-1.12/libharp/harp-ingest-gome_l2.c
Examining data/harp-1.12/libharp/harp-ingest-tes_l2.c
Examining data/harp-1.12/libharp/harp-chemistry.c
Examining data/harp-1.12/libharp/harp-ingest-gomos_l1.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-uvvis-dobson.c
Examining data/harp-1.12/libharp/harp-ingestion-options.c
Examining data/harp-1.12/libharp/harp-geometry-sphere-line.c
Examining data/harp-1.12/libharp/harp-utils.c
Examining data/harp-1.12/libharp/harp-sea-surface.c
Examining data/harp-1.12/libharp/ipow.h
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_o3_ttoc.c
Examining data/harp-1.12/libharp/harp-geometry-util.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-mwr.c
Examining data/harp-1.12/libharp/harp-hdf4.c
Examining data/harp-1.12/libharp/harp-units.c
Examining data/harp-1.12/libharp/harp-ingest-mipas_l1.c
Examining data/harp-1.12/libharp/harp-ingest-omi_l3.c
Examining data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_totals_l2.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-tccon.c
Examining data/harp-1.12/libharp/harp-geometry-vector3d.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_o3_lp.c
Examining data/harp-1.12/libharp/harp-vertical-profiles.h
Examining data/harp-1.12/libharp/harp-ingest-cci_l2_o3_lp.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_o3_tc.c
Examining data/harp-1.12/libharp/harp-ingest-npp-suomi-crimss_l2.c
Examining data/harp-1.12/libharp/harp-chemistry.h
Examining data/harp-1.12/libharp/harp-netcdf.c
Examining data/harp-1.12/libharp/harp-geometry-sphere-euler.c
Examining data/harp-1.12/libharp/harp-product.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l2_o3_tc.c
Examining data/harp-1.12/libharp/harp-ingest-mipas_l2.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_o3_np.c
Examining data/harp-1.12/libharp/harp-filter.h
Examining data/harp-1.12/libharp/harp-ingest-aeolus_l2b.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_ghg.c
Examining data/harp-1.12/libharp/harp-ingest-qa4ecv.c
Examining data/harp-1.12/libharp/harp-vertical-profiles.c
Examining data/harp-1.12/libharp/harp-ingest-earlinet_l2.c
Examining data/harp-1.12/libharp/harp-dataset.c
Examining data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c
Examining data/harp-1.12/libharp/harp-ingest-gosat_fts_l2.c
Examining data/harp-1.12/libharp/harp-binning.c
Examining data/harp-1.12/libharp/harp-ingestion-module.c
Examining data/harp-1.12/libharp/harp-ingest-gome2_l1.c
Examining data/harp-1.12/libharp/harp-ingest-gosat_fts_l1b.c
Examining data/harp-1.12/libharp/harp-geometry-sphere-polygon.c
Examining data/harp-1.12/libharp/harp-ingest-hirdls_l2.c
Examining data/harp-1.12/libharp/harp-ingest-smr_l2.c
Examining data/harp-1.12/libharp/harp-operation.h
Examining data/harp-1.12/libharp/harp-aux-usstd76.c
Examining data/harp-1.12/libharp/harp-dimension-mask.h
Examining data/harp-1.12/libharp/harp-ingest-iasi_l2.c
Examining data/harp-1.12/libharp/harp-ingestion.c
Examining data/harp-1.12/libharp/harp-ingest-geoms-pandora.c
Examining data/harp-1.12/libharp/harp-ingest-s5p_l2.c
Examining data/harp-1.12/libharp/harp-interpolation.c
Examining data/harp-1.12/libharp/harp-ingest-gome2_l2.c
Examining data/harp-1.12/libharp/harp-ingest-mls_l2.c
Examining data/harp-1.12/libharp/harp-analysis.c
Examining data/harp-1.12/libharp/harp-geometry.h
Examining data/harp-1.12/libharp/harp-geometry-sphere-point.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l2_o3_np.c
Examining data/harp-1.12/libharp/hashtable.c
Examining data/harp-1.12/libharp/harp-constants.h
Examining data/harp-1.12/libharp/harp-ingest-gome_l1.c
Examining data/harp-1.12/libharp/harp-ingest-omi_l2.c
Examining data/harp-1.12/libharp/harp-ingest-cci_l3_o3_lntoc.c
Examining data/harp-1.12/libharp/harp-collocation.c
Examining data/harp-1.12/matlab/harp-matlab-product.c
Examining data/harp-1.12/matlab/harp-matlab.h
Examining data/harp-1.12/matlab/harp_matlab.c
Examining data/harp-1.12/malloc.c
FINAL RESULTS:
data/harp-1.12/expat/loadlibrary.c:120:9: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(path + _tcslen(path), TEXT("\\"));
data/harp-1.12/expat/loadlibrary.c:121:9: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(path + _tcslen(path), filename);
data/harp-1.12/expat/xmlparse.c:108:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
to the build system, please open a bug. Thank you!
data/harp-1.12/libharp/harp-dataset.c:320:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pattern, "%s\\*.*", pathname);
data/harp-1.12/libharp/harp-dataset.c:350:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filepath, "%s\\%s", pathname, FileData.cFileName);
data/harp-1.12/libharp/harp-dataset.c:408:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filepath, "%s/%s", pathname, dp->d_name);
data/harp-1.12/libharp/harp-derived-variable.c:147:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&dimsvar_name[HARP_MAX_NUM_DIMS], variable_name);
data/harp-1.12/libharp/harp-errno.c:197:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(&harp_error_message_buffer[current_length], MAX_ERROR_INFO_LENGTH - current_length, message, ap);
data/harp-1.12/libharp/harp-errno.c:220:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(harp_error_message_buffer, MAX_ERROR_INFO_LENGTH, message, ap);
data/harp-1.12/libharp/harp-hdf4.c:1069:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dimension_str, get_dimension_type_name(dimension_type[i]));
data/harp-1.12/libharp/harp-hdf5.c:326:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&name[15], variable->name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:637:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (sscanf(s, " %s%n", name, &bytes_read) > 0)
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:649:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (sscanf(s, " %s%n", name, &bytes_read) > 0)
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:658:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name_plus_extra, "%s %s", info->field_names[field_nr - 1], name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:896:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "volume mixing ratio for %s", species_name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:897:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(field_name, "%s_volume_mixing_ratio", species_name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:901:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/data section/%s", species_name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:905:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description,
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:908:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(field_name, "%s_volume_mixing_ratio_uncertainty", species_name);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:912:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/data section/%s_err", species_name);
data/harp-1.12/libharp/harp-ingest-cci_l2_aerosol.c:252:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldname, "/%s%ld", info->aod_fieldname, info->aod_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-cci_l2_aerosol.c:272:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fieldname, "/%s%ld_%s", info->aod_fieldname, info->aod_wavelengths[i], info->aod_uncertainty_name);
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:213:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fieldname, info->aod_fieldname, info->aod_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:245:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fieldname, info->aod_uncertainty_name, info->aod_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:136:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(field_name, field_code);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:544:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_All/latitude_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:553:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_ALL/longitude_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:563:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_All/latitude_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:573:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_ALL/longitude_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:621:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_All/mixing_ratio_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:630:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/All_Data/OMPS_NP_%s_All/mixing_ratio_press_v8", swath_part);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:587:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "TES_L2_%s_Nadir", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:588:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "TES %s nadir profile", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:596:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Geolocation_Fields/Time[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:600:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Geolocation_Fields/Longitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:602:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Geolocation_Fields/Latitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:606:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Data_Fields/Altitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:610:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Data_Fields/Pressure[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:614:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s_volume_mixing_ratio", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:615:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "%s volume mixing ratio", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:616:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Data_Fields/%s[]", gas_code, gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:623:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s_volume_mixing_ratio_uncertainty", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:624:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "%s volume mixing ratio precision", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:625:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sNadirSwath/Data_Fields/%sPrecision[]", gas_code, gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:644:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "TES_L2_%s_Limb", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:645:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "TES %s limb profile", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:653:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Geolocation_Fields/Time[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:657:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Geolocation_Fields/Longitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:659:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Geolocation_Fields/Latitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:663:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Data_Fields/Altitude[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:667:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Data_Fields/Pressure[]", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:671:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s_volume_mixing_ratio", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:672:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "%s volume mixing ratio", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:673:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Data_Fields/%s[]", gas_code, gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:680:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s_volume_mixing_ratio_uncertainty", gas_code);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:681:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(description, "%s volume mixing ratio precision", gas_name);
data/harp-1.12/libharp/harp-ingest-tes_l2.c:682:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "/HDFEOS/SWATHS/%sLimbSwath/Data_Fields/%sPrecision[]", gas_code, gas_code);
data/harp-1.12/libharp/harp-ingestion-doc.c:53:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return vsnprintf(NULL, 0, format, ap);
data/harp-1.12/libharp/harp-ingestion-doc.c:87:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
length = vfprintf(fout, format, ap);
data/harp-1.12/libharp/harp-ingestion-doc.c:812:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/index.rst", path);
data/harp-1.12/libharp/harp-ingestion-doc.c:839:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s/%s.rst", path, product_definition->name);
data/harp-1.12/libharp/harp-ingestion-module.c:1080:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(new_description, mapping_description);
data/harp-1.12/libharp/harp-product.c:110:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(arguments, argv[i]);
data/harp-1.12/libharp/harp-product.c:115:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(arguments, argv[i]);
data/harp-1.12/libharp/harp-product.c:1679:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, product->history);
data/harp-1.12/libharp/harp-product.c:1684:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buffer[strlen(buffer)], "%04d-%02d-%02dT%02d:%02d:%02dZ [harp-%s] ", tmnow->tm_year + 1900,
data/harp-1.12/libharp/harp-product.c:1686:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, executable);
data/harp-1.12/libharp/harp-product.c:1688:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, arguments);
data/harp-1.12/libharp/harp-regrid.c:280:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bounds_name, grid->name);
data/harp-1.12/libharp/harp-utils.c:245:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filepath, "%s/%s", path_component, filename);
data/harp-1.12/libharp/harp-utils.c:383:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filepath, argv0);
data/harp-1.12/libharp/harp-variable.c:222:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&(*flag_meanings)[pos], variable->enum_name[i]);
data/harp-1.12/netcdf/posixio.c:1393:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy((char *)nciop->path, path); /* cast away const */
data/harp-1.12/netcdf/v2i.c:378:10: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stderr,fmt,args);
data/harp-1.12/tools/harpcheck/harpcheck.c:48:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vfprintf(stderr, message, ap);
data/harp-1.12/tools/harpcheck/harpcheck.c:127:45: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
status = harp_import_test(filename, printf);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:751:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(info->collocation_result->difference_variable_name[i], info->criterium[i]->variable_name);
data/harp-1.12/tools/harpcollocate/harpcollocate.c:51:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vfprintf(stderr, message, ap);
data/harp-1.12/tools/harpconvert/harpconvert.c:48:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vfprintf(stderr, message, ap);
data/harp-1.12/tools/harpdump/harpdump.c:48:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vfprintf(stderr, message, ap);
data/harp-1.12/tools/harpdump/harpdump.c:180:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
return harp_doc_list_conversions(NULL, variable_name, printf);
data/harp-1.12/tools/harpdump/harpdump.c:190:59: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (harp_doc_list_conversions(product, variable_name, printf) != 0)
data/harp-1.12/tools/harpdump/harpdump.c:241:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
harp_dataset_print(dataset, printf);
data/harp-1.12/tools/harpdump/harpdump.c:330:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
harp_product_print(product, !list, data && !list, printf);
data/harp-1.12/tools/harpmerge/harpmerge.c:47:14: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
result = vfprintf(stderr, message, ap);
data/harp-1.12/udunits2/error.c:42:18: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int nbytes = vfprintf(stderr, fmt, args);
data/harp-1.12/udunits2/formatter.c:883:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = snprintf(buf, size, needParens ? "(%.*g " : "%.*g ", DBL_DIG,
data/harp-1.12/udunits2/formatter.c:1059:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = snprintf(buf+nchar, size,
data/harp-1.12/udunits2/formatter.c:1077:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = snprintf(buf+nchar, size,
data/harp-1.12/udunits2/formatter.c:1222:14: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
nchar = snprintf(buf, size,
data/harp-1.12/udunits2/idToUnitMap.c:270:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(IdToUnitMap**)smSearch(*systemMap, system);
data/harp-1.12/udunits2/idToUnitMap.c:308:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system)
data/harp-1.12/udunits2/idToUnitMap.c:317:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(IdToUnitMap**)smFind(systemMap, system);
data/harp-1.12/udunits2/idToUnitMap.c:372:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system,
data/harp-1.12/udunits2/idToUnitMap.c:377:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_set_status(unmapId(systemToNameToUnit, name, system));
data/harp-1.12/udunits2/idToUnitMap.c:426:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system,
data/harp-1.12/udunits2/idToUnitMap.c:431:57: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_set_status(unmapId(systemToSymbolToUnit, symbol, system));
data/harp-1.12/udunits2/idToUnitMap.c:454:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/idToUnitMap.c:469:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(IdToUnitMap**)smFind(systemMap, system);
data/harp-1.12/udunits2/idToUnitMap.c:501:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/idToUnitMap.c:506:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return getUnitById(systemToNameToUnit, system, name);
data/harp-1.12/udunits2/idToUnitMap.c:529:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/idToUnitMap.c:534:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return getUnitById(systemToSymbolToUnit, system, symbol);
data/harp-1.12/udunits2/idToUnitMap.c:547:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system)
data/harp-1.12/udunits2/idToUnitMap.c:549:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system != NULL) {
data/harp-1.12/udunits2/idToUnitMap.c:559:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(IdToUnitMap**)smFind(systemMaps[i], system);
data/harp-1.12/udunits2/idToUnitMap.c:564:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
smRemove(systemMaps[i], system);
data/harp-1.12/udunits2/idToUnitMap.h:28:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system);
data/harp-1.12/udunits2/prefix.c:273:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:300:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(PrefixToValueMap**)smSearch(*systemMap, system);
data/harp-1.12/udunits2/prefix.c:349:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:353:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_set_status(addPrefix(system, name, value, &systemToNameToValue,
data/harp-1.12/udunits2/prefix.c:378:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:382:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_set_status(addPrefix(system, symbol, value, &systemToSymbolToValue,
data/harp-1.12/udunits2/prefix.c:414:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:433:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(PrefixToValueMap**)smFind(systemMap, system);
data/harp-1.12/udunits2/prefix.c:479:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:487:19: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
: findPrefix(system, systemToNameToValue, string, value, len);
data/harp-1.12/udunits2/prefix.c:509:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.c:517:19: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
: findPrefix(system, systemToSymbolToValue, string, value, len);
data/harp-1.12/udunits2/prefix.h:31:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.h:53:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.h:75:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/prefix.h:98:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/systemMap.c:35:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* system;
data/harp-1.12/udunits2/systemMap.c:56:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system1 = ((Entry*)entry1)->system;
data/harp-1.12/udunits2/systemMap.c:57:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system2 = ((Entry*)entry2)->system;
data/harp-1.12/udunits2/systemMap.c:97:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* const system)
data/harp-1.12/udunits2/systemMap.c:102:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
targetEntry.system = system;
data/harp-1.12/udunits2/systemMap.c:127:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* system)
data/harp-1.12/udunits2/systemMap.c:135:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
targetEntry->system = system;
data/harp-1.12/udunits2/systemMap.c:164:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* const system)
data/harp-1.12/udunits2/systemMap.c:169:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
targetEntry.system = system;
data/harp-1.12/udunits2/systemMap.h:46:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* const system);
data/harp-1.12/udunits2/systemMap.h:64:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* system);
data/harp-1.12/udunits2/systemMap.h:77:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const void* const system);
data/harp-1.12/udunits2/udunits2.h:50:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#ifndef snprintf
data/harp-1.12/udunits2/udunits2.h:51:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf c99_snprintf
data/harp-1.12/udunits2/udunits2.h:293:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system);
data/harp-1.12/udunits2/udunits2.h:326:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system);
data/harp-1.12/udunits2/udunits2.h:347:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/udunits2.h:370:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/udunits2.h:414:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/udunits2.h:437:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/udunits2.h:463:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system);
data/harp-1.12/udunits2/udunits2.h:484:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system);
data/harp-1.12/udunits2/udunits2.h:579:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system,
data/harp-1.12/udunits2/udunits2.h:685:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system,
data/harp-1.12/udunits2/udunits2.h:1111:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/unitToIdMap.c:800:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system)
data/harp-1.12/udunits2/unitToIdMap.c:802:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system != NULL) {
data/harp-1.12/udunits2/unitToIdMap.c:812:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(UnitToIdMap**)smFind(systemMaps[i], system);
data/harp-1.12/udunits2/unitToIdMap.c:817:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
smRemove(systemMaps[i], system);
data/harp-1.12/udunits2/unitToIdMap.h:25:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system);
data/harp-1.12/udunits2/unitcore.c:150:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system;
data/harp-1.12/udunits2/unitcore.c:210:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/unitcore.c:594:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system,
data/harp-1.12/udunits2/unitcore.c:597:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
assert(system != NULL);
data/harp-1.12/udunits2/unitcore.c:601:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
common->system = (ut_system*)system;
data/harp-1.12/udunits2/unitcore.c:634:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/unitcore.c:644:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
assert(system != NULL);
data/harp-1.12/udunits2/unitcore.c:646:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
product = productNew(system, &shortIndex, &power, 1);
data/harp-1.12/udunits2/unitcore.c:663:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (commonInit(&basicUnit->common, &basicOps, system,
data/harp-1.12/udunits2/unitcore.c:695:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (ut_unit*)basicNew(unit->common.system, unit->basic.isDimensionless,
data/harp-1.12/udunits2/unitcore.c:914:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/unitcore.c:921:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
assert(system != NULL);
data/harp-1.12/udunits2/unitcore.c:937:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (commonInit(&productUnit->common, &productOps, system, PRODUCT)
data/harp-1.12/udunits2/unitcore.c:1000:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
clone = (ut_unit*)productNew(unit->common.system,
data/harp-1.12/udunits2/unitcore.c:1180:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = (ut_unit*)productNew(unit1->common.system,
data/harp-1.12/udunits2/unitcore.c:1241:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = (ut_unit*)productNew(unit->common.system,
data/harp-1.12/udunits2/unitcore.c:1322:60: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
result = (ut_unit*)productNew(unit->common.system,
data/harp-1.12/udunits2/unitcore.c:1426:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system = unit1->common.system;
data/harp-1.12/udunits2/unitcore.c:1577:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system;
data/harp-1.12/udunits2/unitcore.c:1585:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system = unit->common.system;
data/harp-1.12/udunits2/unitcore.c:1652:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
unit->common.system, GALILEAN) == 0) {
data/harp-1.12/udunits2/unitcore.c:2084:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
unit->common.system, TIMESTAMP) == 0) {
data/harp-1.12/udunits2/unitcore.c:2368:62: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (commonInit(&logUnit->common, &logOps, reference->common.system,
data/harp-1.12/udunits2/unitcore.c:2740:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system->one = (ut_unit*)productNew(system, NULL, NULL, 0);
data/harp-1.12/udunits2/unitcore.c:2745:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
free(system);
data/harp-1.12/udunits2/unitcore.c:2750:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return system;
data/harp-1.12/udunits2/unitcore.c:2762:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system)
data/harp-1.12/udunits2/unitcore.c:2764:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system != NULL) {
data/harp-1.12/udunits2/unitcore.c:2778:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
free(system);
data/harp-1.12/udunits2/unitcore.c:2798:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const ut_system* const system)
data/harp-1.12/udunits2/unitcore.c:2832:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system;
data/harp-1.12/udunits2/unitcore.c:2842:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system = unit->common.system;
data/harp-1.12/udunits2/unitcore.c:2845:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return system;
data/harp-1.12/udunits2/unitcore.c:2876:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sameSystem = unit1->common.system == unit2->common.system;
data/harp-1.12/udunits2/unitcore.c:2898:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system,
data/harp-1.12/udunits2/unitcore.c:2908:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
basicUnit = basicNew(system, isDimensionless, system->basicCount);
data/harp-1.12/udunits2/unitcore.c:2968:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system)
data/harp-1.12/udunits2/unitcore.c:2970:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
BasicUnit* basicUnit = newBasicUnit(system, 0);
data/harp-1.12/udunits2/unitcore.c:2994:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* const system)
data/harp-1.12/udunits2/unitcore.c:2996:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return (ut_unit*)newBasicUnit(system, 1);
data/harp-1.12/udunits2/unitcore.c:3025:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system = second->common.system;
data/harp-1.12/udunits2/unitcore.c:3073:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system < unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3073:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system < unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3076:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system > unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3076:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system > unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3250:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system != unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3250:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system != unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3318:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (numer->common.system != denom->common.system) {
data/harp-1.12/udunits2/unitcore.c:3318:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (numer->common.system != denom->common.system) {
data/harp-1.12/udunits2/unitcore.c:3519:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system != unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3519:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (unit1->common.system != unit2->common.system) {
data/harp-1.12/udunits2/unitcore.c:3577:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (from->common.system != to->common.system) {
data/harp-1.12/udunits2/unitcore.c:3577:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
else if (from->common.system != to->common.system) {
data/harp-1.12/udunits2/ut_free_system.c:19:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern void coreFreeSystem(ut_system* system);
data/harp-1.12/udunits2/ut_free_system.c:32:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ut_system* system)
data/harp-1.12/udunits2/ut_free_system.c:34:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system != NULL) {
data/harp-1.12/udunits2/ut_free_system.c:35:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
itumFreeSystem(system);
data/harp-1.12/udunits2/ut_free_system.c:36:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
utimFreeSystem(system);
data/harp-1.12/udunits2/ut_free_system.c:37:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
coreFreeSystem(system);
data/harp-1.12/udunits2/xml.c:128:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(buf, singular);
data/harp-1.12/udunits2/xml.c:397:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(nonNbsp, latin1);
data/harp-1.12/udunits2/xml.c:436:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(nonNbsp, utf8);
data/harp-1.12/udunits2/xml.c:484:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(ids->ascii, id);
data/harp-1.12/udunits2/xml.c:1813:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)snprintf(buf, sizeof(buf),
data/harp-1.12/udunits2/xml.c:2107:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(base, dirname(tmp));
data/harp-1.12/vsnprintf.c:8:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(const *str, size_t size, const char *format, va_list ap)
data/harp-1.12/vsnprintf.c:14:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return vsprintf(str, format, ap);
data/harp-1.12/R/harp.c:946:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CODA_DEFINITION") == NULL)
data/harp-1.12/R/harp.c:954:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("UDUNITS2_XML_PATH") == NULL)
data/harp-1.12/expat/loadlibrary.c:101:7: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
LoadLibrary(filename);
data/harp-1.12/expat/loadlibrary.c:127:11: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
LoadLibrary(path);
data/harp-1.12/expat/xmlparse.c:833:44: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * const EXPAT_ENTROPY_DEBUG = getenv("EXPAT_ENTROPY_DEBUG");
data/harp-1.12/idl/harp_idl.c:80:67: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
harp_set_coda_definition_path_conditional("harp_idl.dlm", getenv("IDL_DLM_PATH"),
data/harp-1.12/idl/harp_idl.c:82:64: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
harp_set_udunits2_xml_path_conditional("harp_idl.dlm", getenv("IDL_DLM_PATH"),
data/harp-1.12/libharp/harp-geometry-sphere-polygon.c:491:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)counter);
data/harp-1.12/libharp/harp-units.c:200:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("UDUNITS2_XML_PATH") != NULL)
data/harp-1.12/libharp/harp-utils.c:365:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (*location == NULL && getenv("PATH") != NULL)
data/harp-1.12/libharp/harp-utils.c:367:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (harp_path_find_file(getenv("PATH"), argv0, location) != 0)
data/harp-1.12/libharp/harp-utils.c:390:38: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (*location == NULL && getenv("PATH") != NULL)
data/harp-1.12/libharp/harp-utils.c:392:41: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (harp_path_find_file(getenv("PATH"), filepath, location) != 0)
data/harp-1.12/libharp/harp-utils.c:401:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("PATH") != NULL)
data/harp-1.12/libharp/harp-utils.c:403:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (harp_path_find_file(getenv("PATH"), argv0, location) != 0)
data/harp-1.12/libharp/harp.c:166:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HARP_AUX_AFGL86") != NULL)
data/harp-1.12/libharp/harp.c:170:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("HARP_AUX_USSTD76") != NULL)
data/harp-1.12/matlab/harp_matlab.c:43:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CODA_DEFINITION") == NULL || getenv("UDUNITS2_XML_PATH") == NULL)
data/harp-1.12/matlab/harp_matlab.c:43:46: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CODA_DEFINITION") == NULL || getenv("UDUNITS2_XML_PATH") == NULL)
data/harp-1.12/udunits2/xml.c:2152:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = getenv("UDUNITS2_XML_PATH");
data/harp-1.12/R/harp.c:7:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *dimension_name[6] = {
data/harp-1.12/R/harp.c:16:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *data_types[6] = {
data/harp-1.12/expat/siphash.h:143:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8], *p;
data/harp-1.12/expat/siphash.h:292:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char vectors[64][8] = {
data/harp-1.12/expat/siphash.h:358:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[64];
data/harp-1.12/expat/xmlparse.c:108:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
to the build system, please open a bug. Thank you!
data/harp-1.12/expat/xmlparse.c:168:24: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(d,s,l) bcopy((s),(d),(l))
data/harp-1.12/expat/xmlparse.c:281:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
XML_Bool open;
data/harp-1.12/expat/xmlparse.c:721:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open("/dev/urandom", O_RDONLY);
data/harp-1.12/expat/xmlparse.c:1932:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parser->m_buffer, end, nLeftOver);
data/harp-1.12/expat/xmlparse.c:1948:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, s, len);
data/harp-1.12/expat/xmlparse.c:2093:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBuf, &parser->m_bufferPtr[-keep],
data/harp-1.12/expat/xmlparse.c:2108:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newBuf, parser->m_bufferPtr,
data/harp-1.12/expat/xmlparse.c:2537:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawNameBuf, tag->rawName, tag->rawNameLength);
data/harp-1.12/expat/xmlparse.c:2790:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open)
data/harp-1.12/expat/xmlparse.c:3535:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uri, binding->uri, binding->uriLen * sizeof(XML_Char));
data/harp-1.12/expat/xmlparse.c:3544:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uri, localPart, i * sizeof(XML_Char));
data/harp-1.12/expat/xmlparse.c:3549:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uri + 1, binding->prefix->name, prefixLen * sizeof(XML_Char));
data/harp-1.12/expat/xmlparse.c:3652:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b->uri, uri, len * sizeof(XML_Char));
data/harp-1.12/expat/xmlparse.c:3931:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encodingBuf[128];
data/harp-1.12/expat/xmlparse.c:5104:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open)
data/harp-1.12/expat/xmlparse.c:5646:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open) {
data/harp-1.12/expat/xmlparse.c:5763:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (entity->open) {
data/harp-1.12/expat/xmlparse.c:6234:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!e->open)
data/harp-1.12/expat/xmlparse.c:6973:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pool->blocks->s, pool->start,
data/harp-1.12/expat/xmlparse.c:7053:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tem->s, pool->start,
data/harp-1.12/expat/xmlparse.c:7213:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, s, charsRequired * sizeof(XML_Char));
data/harp-1.12/expat/xmltok.c:206:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char type[256];
data/harp-1.12/expat/xmltok.c:422:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*toP, *fromP, bytesToCopy);
data/harp-1.12/expat/xmltok.c:1094:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/harp-1.12/expat/xmltok.c:1129:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
char open;
data/harp-1.12/expat/xmltok.c:1188:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (c == open)
data/harp-1.12/expat/xmltok.c:1396:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[256][4];
data/harp-1.12/expat/xmltok.c:1441:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XML_UTF8_ENCODE_MAX];
data/harp-1.12/expat/xmltok.c:1463:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*toP, utf8, n);
data/harp-1.12/expat/xmltok.c:1502:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)mem)[i] = ((char *)&latin1_encoding)[i];
data/harp-1.12/expat/xmltok_impl.c:610:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open;
data/harp-1.12/expat/xmltok_impl.c:620:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
switch (open) {
data/harp-1.12/expat/xmltok_impl.c:636:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (t == open)
data/harp-1.12/expat/xmltok_impl.c:964:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
PREFIX(scanLit)(int open, const ENCODING *enc,
data/harp-1.12/expat/xmltok_impl.c:975:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (t != open)
data/harp-1.12/expat/xmltok_impl.c:1538:60: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
|| BYTE_TYPE(enc, ptr + MINBPC(enc)) == open))
data/harp-1.12/expat/xmltok_ns.c:102:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ENCODING_MAX];
data/harp-1.12/idl/harp_idl.c:159:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[1001];
data/harp-1.12/idl/harp_idl.c:511:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num_elements * sizeof(int8_t));
data/harp-1.12/idl/harp_idl.c:514:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num_elements * sizeof(int16_t));
data/harp-1.12/idl/harp_idl.c:517:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num_elements * sizeof(int32_t));
data/harp-1.12/idl/harp_idl.c:520:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num_elements * sizeof(float));
data/harp-1.12/idl/harp_idl.c:523:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num_elements * sizeof(double));
data/harp-1.12/idl/harp_idl.c:531:69: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
IDL_StrStore(&((IDL_STRING *)destination)[i], ((char **)source)[i]);
data/harp-1.12/libharp/harp-area-mask.c:316:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(*polygon)->point, point_array, num_points * sizeof(harp_spherical_point));
data/harp-1.12/libharp/harp-area-mask.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_CSV_LINE_LENGTH + 1];
data/harp-1.12/libharp/harp-area-mask.c:418:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(filename, "r");
data/harp-1.12/libharp/harp-binning.c:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char variable_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-binning.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char variable_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-binning.c:343:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(count, count_variable->data.int32_data, count_variable->num_elements * sizeof(int32_t));
data/harp-1.12/libharp/harp-binning.c:418:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weight, weight_variable->data.float_data, weight_variable->num_elements * sizeof(float));
data/harp-1.12/libharp/harp-binning.c:440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char count_variable_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-binning.c:450:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(count_variable_name, "count");
data/harp-1.12/libharp/harp-binning.c:475:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->data.int32_data, count, variable->num_elements * sizeof(int32_t));
data/harp-1.12/libharp/harp-binning.c:502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char weight_variable_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-binning.c:512:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(weight_variable_name, "weight");
data/harp-1.12/libharp/harp-binning.c:528:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->data.float_data, weight, variable->num_elements * sizeof(float));
data/harp-1.12/libharp/harp-binning.c:976:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(poly_latitude, &latitude_bounds->data.double_data[i * max_num_vertices],
data/harp-1.12/libharp/harp-binning.c:978:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(poly_longitude, &longitude_bounds->data.double_data[i * max_num_vertices],
data/harp-1.12/libharp/harp-collocation.c:782:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_CSV_LINE_LENGTH + 1];
data/harp-1.12/libharp/harp-collocation.c:876:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_CSV_LINE_LENGTH + 1];
data/harp-1.12/libharp/harp-collocation.c:1019:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(collocation_result_filename, "r");
data/harp-1.12/libharp/harp-collocation.c:1153:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(collocation_result_filename, "w");
data/harp-1.12/libharp/harp-dataset.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_CSV_LINE_LENGTH + 1];
data/harp-1.12/libharp/harp-dataset.c:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-dataset.c:252:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(filename, "r");
data/harp-1.12/libharp/harp-dataset.c:982:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HARP_CSV_LINE_LENGTH + 1];
data/harp-1.12/libharp/harp-dataset.c:1000:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(operation->filename, "r");
data/harp-1.12/libharp/harp-derived-variable-list.c:295:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->data.ptr, source_variable[0]->data.ptr,
data/harp-1.12/libharp/harp-derived-variable-list.c:477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->data.ptr, source_variable[0]->data.ptr,
data/harp-1.12/libharp/harp-derived-variable-list.c:1793:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_time_indepedent_to_dependent_conversion(const char *variable_name, harp_data_type data_type,
data/harp-1.12/libharp/harp-derived-variable-list.c:1794:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *unit, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:1935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_bounds[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2044:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_bounds[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2082:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_uncertainty_conversions(const char *variable_name, const char *unit, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:2082:73: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_uncertainty_conversions(const char *variable_name, const char *unit, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:2086:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_uncertainty[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2087:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_uncertainty_sys[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2088:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_uncertainty_rnd[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2133:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_covariance[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2134:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit_squared[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2179:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_dfs_from_avk_conversion(const char *variable_name, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:2184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_dfs[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2226:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_species_conversions_for_grid(const char *species, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:2232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_density_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_density_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_density_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_nd[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_nd_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2240:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_nd_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_nd[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2242:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_nd_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_nd_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_nd[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_nd_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_nd_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_mmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_mmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_mmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_mmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_mmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_mmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_vmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_vmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_vmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_vmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_vmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_vmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2259:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_mmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_mmr_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_mmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_mmr_dry_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_nd[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_nd_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2266:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_nd_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_pp[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2268:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2269:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr_dry[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr_dry_apriori[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:2273:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_vmr_dry_avk[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4716:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int add_particulate_matter_conversions_for_grid(const char *pm, int num_dimensions,
data/harp-1.12/libharp/harp-derived-variable-list.c:4722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4723:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_strato_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_tropo_column_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4725:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_density[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4881:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_aod[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable-list.c:4882:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_ext[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-derived-variable.c:355:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source_info.skip, info->skip, harp_derived_variable_conversions->num_variables);
data/harp-1.12/libharp/harp-derived-variable.c:785:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source_info.skip, info->skip, harp_derived_variable_conversions->num_variables);
data/harp-1.12/libharp/harp-dimension-mask.c:127:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dimension_mask->mask, other_dimension_mask->mask, dimension_mask->num_elements * sizeof(uint8_t));
data/harp-1.12/libharp/harp-dimension-mask.c:282:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dimension_mask->mask + i * dimension_mask->dimension[1], col_mask->mask,
data/harp-1.12/libharp/harp-dimension-mask.c:319:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dimension_mask->mask + i * dimension_mask->num_elements, dimension_mask->mask,
data/harp-1.12/libharp/harp-errno.c:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char harp_error_message_buffer[MAX_ERROR_INFO_LENGTH + 1];
data/harp-1.12/libharp/harp-filter.c:207:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target.ptr, source.ptr, num_target_elements * harp_get_size_for_type(data_type));
data/harp-1.12/libharp/harp-filter.c:540:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->dimension, new_dimension, variable->num_dimensions * sizeof(long));
data/harp-1.12/libharp/harp-geometry-sphere-euler.c:270:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&u[0], (void *)&v[0], sizeof(u));
data/harp-1.12/libharp/harp-geometry-sphere-polygon.c:503:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp, (void *)ttt, offsetof(harp_spherical_polygon, point) +
data/harp-1.12/libharp/harp-hdf4.c:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_HDF4_NAME_LENGTH + 1];
data/harp-1.12/libharp/harp-hdf4.c:270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_HDF4_NAME_LENGTH + 1];
data/harp-1.12/libharp/harp-hdf4.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdf4_name[MAX_HDF4_NAME_LENGTH + 1];
data/harp-1.12/libharp/harp-hdf4.c:549:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, &buffer[i * length], length);
data/harp-1.12/libharp/harp-hdf4.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdf4_name[MAX_HDF4_NAME_LENGTH + 1];
data/harp-1.12/libharp/harp-hdf5.c:325:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "_nc4_non_coord_");
data/harp-1.12/libharp/harp-hdf5.c:900:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, &buffer[i * type_size], type_size);
data/harp-1.12/libharp/harp-hdf5.c:1189:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scale_name[255];
data/harp-1.12/libharp/harp-hdf5.c:1966:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dataset_name[64];
data/harp-1.12/libharp/harp-hdf5.c:1968:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dataset_name, "independent_%ld", length);
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datetime_str[81];
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], name_plus_extra[81];
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:673:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[2048];
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:708:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/harp-1.12/libharp/harp-ingest-ace_fts_l2.c:893:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[255], field_name[81], path[255];
data/harp-1.12/libharp/harp-ingest-aeolus_l1b.c:709:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-aeolus_l2b.c:374:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-aeolus_l2b.c:383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-aeolus_l2b.c:459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:537:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:539:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Extinction_Coefficient_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:546:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:548:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Extinction_Coefficient_Uncertainty_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:587:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:589:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Column_Optical_Depth_Tropospheric_Aerosols_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:596:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:598:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Column_Optical_Depth_Tropospheric_Aerosols_Uncertainty_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:605:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:607:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Column_Optical_Depth_Stratospheric_Aerosols_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:614:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-calipso_l2.c:616:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(field_name, "/Column_Optical_Depth_Stratospheric_Aerosols_Uncertainty_%d", info->wavelength);
data/harp-1.12/libharp/harp-ingest-cci_l2_aerosol.c:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l2_aerosol.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l2_o3_lp.c:151:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4];
data/harp-1.12/libharp/harp-ingest-cci_l2_o3_np.c:318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[11];
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:240:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:290:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fieldname, "/AEX%ld", info->aod_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_aerosol.c:326:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fieldname, "/AEX%ld_uncertainty", info->aod_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:139:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_corrected");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:144:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_asc");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:148:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_desc");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:157:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_unc");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:227:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(field_name, "/qcflag");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:231:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_asc");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:235:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(field_name, "_desc");
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[17];
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_lntoc.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_string[81];
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_lp.c:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[9];
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_lp.c:408:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, "01");
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_np.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[17];
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_np.c:341:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data.float_data[i * info->num_vertical + 1], &air_pressure.float_data[1],
data/harp-1.12/libharp/harp-ingest-cci_l3_o3_tc.c:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[9];
data/harp-1.12/libharp/harp-ingest-cci_l4_o3_np.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[17];
data/harp-1.12/libharp/harp-ingest-cloudnet_l2.c:171:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1024];
data/harp-1.12/libharp/harp-ingest-earlinet_l2.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char units[81];
data/harp-1.12/libharp/harp-ingest-ecmwf-grib.c:117:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *param_name[NUM_GRIB_PARAMETERS] = {
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *geoms_gas_name[num_ftir_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:106:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *harp_gas_name[num_ftir_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_covariance_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char column_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h2o_vmr_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h2o_column_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:471:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:491:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:531:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:582:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:606:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:627:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:667:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data.double_data[i * info->num_vertical], data.double_data, info->num_vertical * sizeof(double));
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:737:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data.double_data[i * info->num_vertical * 2], data.double_data,
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:825:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[18];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:826:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_source[20];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1043:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1059:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_unit(coda_cursor *cursor, const char *path, char unit[MAX_UNIT_LENGTH])
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1059:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_unit(coda_cursor *cursor, const char *path, char unit[MAX_UNIT_LENGTH])
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1083:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_var_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_mapping_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-ftir.c:1200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:276:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[100];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:539:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:591:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-lidar.c:592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *gas_name[num_mwr_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:241:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data.double_data[i * actual_num_elements], data.double_data, actual_num_elements * sizeof(double));
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:361:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:371:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:395:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:417:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:469:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[17];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_source[20];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:674:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:675:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:676:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_var_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_mapping_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-mwr.c:678:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *gas_name[num_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:274:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:292:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[36];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:324:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_source[30];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:497:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_var_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_mapping_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-sonde.c:433:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[18];
data/harp-1.12/libharp/harp-ingest-geoms-sonde.c:639:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-sonde.c:640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-tccon.c:569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[24];
data/harp-1.12/libharp/harp-ingest-geoms-tccon.c:717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-tccon.c:718:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *geoms_gas_name[num_uvvis_doas_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:84:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *harp_gas_name[num_uvvis_doas_gas] = {
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_covariance_unit[MAX_UNIT_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:385:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data.double_data[i * actual_num_elements], data.double_data, actual_num_elements * sizeof(double));
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:699:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:709:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:719:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:737:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:746:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:787:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:827:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:846:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:856:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:865:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:875:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:894:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:903:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:921:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:940:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:962:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:982:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1002:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1021:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1031:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1040:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1050:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1060:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1069:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1088:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1097:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1362:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[40];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_source[30];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1670:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_unit(coda_cursor *cursor, const char *path, char unit[MAX_UNIT_LENGTH])
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1670:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_unit(coda_cursor *cursor, const char *path, char unit[MAX_UNIT_LENGTH])
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1694:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1834:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1835:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_var_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_mapping_path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:1838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gas_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-doas.c:2140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_available_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-dobson.c:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template_name[35];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-dobson.c:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_source[30];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-dobson.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-ingest-geoms-uvvis-dobson.c:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_description[MAX_DESCRIPTION_LENGTH];
data/harp-1.12/libharp/harp-ingest-gome2_l1.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char geo_earth_actual_name[20];
data/harp-1.12/libharp/harp-ingest-gome2_l1.c:223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(geo_earth_actual_name, "GEO_EARTH_ACTUAL_%d", info->index_of_fastest_timer_in_list_of_timers[mdr_record]);
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_contents[100];
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:204:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10];
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char revision[3];
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:822:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->amf_buffer.double_data[offset], info->num_main * sizeof(double));
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:840:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->amf_error_buffer.double_data[offset], info->num_main * sizeof(double));
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:858:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->esc_buffer.double_data[offset], info->num_main * sizeof(double));
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:876:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->esc_error_buffer.double_data[offset], info->num_main * sizeof(double));
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:3851:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *detailed_results_option_values[7] = { "BrO", "H2O", "HCHO", "NO2", "O3", "OClO", "SO2" };
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:3852:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *so2_column_option_values[4] = { "15km", "6km", "2.5km", "1km" };
data/harp-1.12/libharp/harp-ingest-gome2_l2.c:3853:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *corrected_option_value[1] = { "true" };
data/harp-1.12/libharp/harp-ingest-gome_l1.c:337:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char band_name[MAX_SIZE_BANDNAME];
data/harp-1.12/libharp/harp-ingest-gome_l1.c:759:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char band_name[MAX_SIZE_BANDNAME];
data/harp-1.12/libharp/harp-ingest-gosat_fts_l2.c:270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/harp-1.12/libharp/harp-ingest-gosat_fts_l2.c:330:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->corner_latitude[index * 4], 4 * sizeof(double));
data/harp-1.12/libharp/harp-ingest-gosat_fts_l2.c:347:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data, &info->corner_longitude[index * 4], 4 * sizeof(double));
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:76:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_variable(coda_cursor *cursor, const char *name, int num_dimensions, long dimensions[CODA_MAX_NUM_DIMS],
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:525:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[255];
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:534:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "/All_Data/OMPS_NP_GEO_All/MidTime");
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:582:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "/All_Data/OMPS_NP_GEO_All/SatelliteAzimuthAngle");
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:592:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "/All_Data/OMPS_NP_GEO_All/SatelliteZenithAngle");
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:602:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "/All_Data/OMPS_NP_GEO_All/SatelliteAzimuthAngle");
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:612:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "/All_Data/OMPS_NP_GEO_All/SatelliteZenithAngle");
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_totals_l2.c:77:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int read_variable(coda_cursor *cursor, const char *name, int num_dimensions, long dimensions[CODA_MAX_NUM_DIMS],
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:67:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *viirs_swath_names[NUM_VIIRS_PRODUCT_TYPES];
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *viirs_swath_name_ends[NUM_VIIRS_PRODUCT_TYPES] = {
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fieldname[81];
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:310:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fieldname, "AerosolOpticalDepth_at_%dnm", aerosol_optical_depth_wavelengths[i]);
data/harp-1.12/libharp/harp-ingest-omi_l3.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buffer[64];
data/harp-1.12/libharp/harp-ingest-osiris_l2.c:132:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.double_data + (profile_nr * info->num_altitudes), data.double_data,
data/harp-1.12/libharp/harp-ingest-s5p_l1b.c:368:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_group_name[17];
data/harp-1.12/libharp/harp-ingest-s5p_l1b.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-s5p_l1b.c:830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:75:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *s5p_dimension_name[S5P_NUM_PRODUCT_TYPES][S5P_NUM_DIM_TYPES] = {
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_short_name[20];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char product_name[84];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:504:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[5];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:1040:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_value[32];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:3296:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[50];
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:4840:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *wavelength_ratio_option_values[2] = { "354_388nm", "340_380nm" };
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:4894:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *aerosol_pressure_option_values[1] = { "unclipped" };
data/harp-1.12/libharp/harp-ingest-sciamachy_l1.c:494:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(double_data + (l * info->total_num_wavelengths), double_data,
data/harp-1.12/libharp/harp-ingest-sciamachy_l1.c:576:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(double_data, info->wavelengths, info->total_num_wavelengths * sizeof(double));
data/harp-1.12/libharp/harp-ingest-sciamachy_l1.c:1621:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sun_spect_id[3];
data/harp-1.12/libharp/harp-ingest-sciamachy_l2.c:2210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-sciamachy_l2.c:2398:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-smr_l2.c:236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char speciesname[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-smr_l2.c:610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vmr_description[MAX_PATH_LENGTH], vmr_name[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-smr_l2.c:611:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char precision_description[MAX_PATH_LENGTH], precision_name[MAX_PATH_LENGTH];
data/harp-1.12/libharp/harp-ingest-tes_l2.c:585:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], description[81], path[255];
data/harp-1.12/libharp/harp-ingest-tes_l2.c:642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[81], description[81], path[255];
data/harp-1.12/libharp/harp-ingestion-doc.c:126:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(filename, "w");
data/harp-1.12/libharp/harp-ingestion-doc.c:695:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(filename, "w");
data/harp-1.12/libharp/harp-ingestion-doc.c:746:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sorted_module, ingestion_module, num_ingestion_modules * sizeof(harp_ingestion_module *));
data/harp-1.12/libharp/harp-ingestion-module.c:369:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int product_definition_new(const char *name, const char *description,
data/harp-1.12/libharp/harp-ingestion-module.c:369:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int product_definition_new(const char *name, const char *description,
data/harp-1.12/libharp/harp-ingestion-module.c:825:95: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
harp_product_definition *harp_ingestion_register_product(harp_ingestion_module *module, const char *name,
data/harp-1.12/libharp/harp-ingestion-module.c:826:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *description,
data/harp-1.12/libharp/harp-ingestion.c:434:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.ptr, &info->block_buffer->data.int8_data[index * info->block_buffer_block_size],
data/harp-1.12/libharp/harp-ingestion.h:201:95: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
harp_product_definition *harp_ingestion_register_product(harp_ingestion_module *module, const char *name,
data/harp-1.12/libharp/harp-ingestion.h:202:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *description,
data/harp-1.12/libharp/harp-netcdf.c:435:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char netcdf_name[NC_MAX_NAME + 1];
data/harp-1.12/libharp/harp-netcdf.c:546:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, &buffer[i * length], length);
data/harp-1.12/libharp/harp-netcdf.c:736:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NC_MAX_NAME + 1];
data/harp-1.12/libharp/harp-netcdf.c:941:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NC_MAX_NAME + 1];
data/harp-1.12/libharp/harp-netcdf.c:1031:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/harp-1.12/libharp/harp-netcdf.c:1033:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "independent_%ld", dimensions->length[i]);
data/harp-1.12/libharp/harp-netcdf.c:1038:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/harp-1.12/libharp/harp-netcdf.c:1040:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "string_%ld", dimensions->length[i]);
data/harp-1.12/libharp/harp-operation.c:2357:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(operation->value, value, num_values * sizeof(int32_t));
data/harp-1.12/libharp/harp-operation.c:2501:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(operation->value, value, num_values * sizeof(double));
data/harp-1.12/libharp/harp-product-metadata.c:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datetime_string[16];
data/harp-1.12/libharp/harp-regrid.c:281:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bounds_name, "_bounds");
data/harp-1.12/libharp/harp-regrid.c:1122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-regrid.c:1276:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-utils.c:301:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, initialpath, initialpath_length);
data/harp-1.12/libharp/harp-utils.c:311:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, appendpath, appendpath_length);
data/harp-1.12/libharp/harp-utils.c:384:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&filepath[argv0_length], ".exe");
data/harp-1.12/libharp/harp-utils.c:418:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[HARP_MAX_PATH_LENGTH + 1];
data/harp-1.12/libharp/harp-utils.c:1144:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[i * length], string_data[i], strlen(string_data[i]));
data/harp-1.12/libharp/harp-utils.c:1455:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer[j * block_size], &block[(length - 1 - j) * block_size], block_size);
data/harp-1.12/libharp/harp-utils.c:1457:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block, buffer, length * block_size);
data/harp-1.12/libharp/harp-utils.c:1669:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.ptr, dst, num_elements * element_size);
data/harp-1.12/libharp/harp-variable.c:161:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
pos += sprintf(&(*flag_values)[pos], "%db", i);
data/harp-1.12/libharp/harp-variable.c:572:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, &to_ptr[from_id * filter_block_size], (size_t)filter_block_size);
data/harp-1.12/libharp/harp-variable.c:578:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_ptr[k * filter_block_size], &to_ptr[dim_element_ids[k] * filter_block_size],
data/harp-1.12/libharp/harp-variable.c:589:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_ptr[to_id * filter_block_size], buffer, (size_t)filter_block_size);
data/harp-1.12/libharp/harp-variable.c:598:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_ptr[to_id * filter_block_size], &to_ptr[from_id * filter_block_size],
data/harp-1.12/libharp/harp-variable.c:628:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&to_ptr[to_id * filter_block_size], &to_ptr[from_id * filter_block_size],
data/harp-1.12/libharp/harp-variable.c:1504:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable->data.ptr, other_variable->data.ptr,
data/harp-1.12/libharp/harp-variable.c:1632:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to_ptr, other_variable->data.ptr, (size_t)other_variable->num_elements * element_size);
data/harp-1.12/libharp/harp-vertical-profiles.c:1144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vertical_bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avk_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apriori_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vertical_bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avk_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apriori_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1780:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vertical_bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1781:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char column_avk_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1782:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apriori_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1959:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vertical_bounds_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1960:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char column_avk_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp-vertical-profiles.c:1961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apriori_name[MAX_NAME_LENGTH];
data/harp-1.12/libharp/harp.c:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DETECTION_BLOCK_SIZE];
data/harp-1.12/libharp/harp.c:119:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, open_flags);
data/harp-1.12/matlab/harp-matlab-product.c:137:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mxGetData(mx_data), variable->data.int8_data, num_elements * sizeof(int8_t));
data/harp-1.12/matlab/harp-matlab-product.c:141:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mxGetData(mx_data), variable->data.int16_data, num_elements * sizeof(int16_t));
data/harp-1.12/matlab/harp-matlab-product.c:145:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mxGetData(mx_data), variable->data.int32_data, num_elements * sizeof(int32_t));
data/harp-1.12/matlab/harp-matlab-product.c:149:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mxGetData(mx_data), variable->data.float_data, num_elements * sizeof(float));
data/harp-1.12/matlab/harp-matlab-product.c:153:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mxGetData(mx_data), variable->data.double_data, num_elements * sizeof(double));
data/harp-1.12/matlab/harp-matlab-product.c:349:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable_new->data.int8_data, mxGetData(datastructure), num_elements * sizeof(int8_t));
data/harp-1.12/matlab/harp-matlab-product.c:379:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable_new->data.int16_data, mxGetData(datastructure), num_elements * sizeof(int16_t));
data/harp-1.12/matlab/harp-matlab-product.c:409:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable_new->data.int32_data, mxGetData(datastructure), num_elements * sizeof(int32_t));
data/harp-1.12/matlab/harp-matlab-product.c:439:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable_new->data.float_data, mxGetData(datastructure), num_elements * sizeof(float));
data/harp-1.12/matlab/harp-matlab-product.c:468:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable_new->data.double_data, mxGetData(datastructure), num_elements * sizeof(double));
data/harp-1.12/matlab/harp_matlab.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char funcname[MAX_FUNCNAME_LENGTH + 1];
data/harp-1.12/matlab/harp_matlab.c:173:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(format, "netcdf");
data/harp-1.12/netcdf/attr.c:133:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(attrp->xvalue, rattrp->xvalue, rattrp->xsz);
data/harp-1.12/netcdf/attr.c:614:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(attrp->xvalue, iattrp->xvalue,
data/harp-1.12/netcdf/attr.c:644:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(attrp->xvalue, iattrp->xvalue,
data/harp-1.12/netcdf/error.c:60:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msgbuf[256];
data/harp-1.12/netcdf/error.c:68:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy(msgbuf, "EVMSERR");
data/harp-1.12/netcdf/ncx.c:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char nada[X_ALIGN] = {0, 0, 0, 0};
data/harp-1.12/netcdf/ncx.c:795:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(ip, xp, sizeof(float));
data/harp-1.12/netcdf/ncx.c:805:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, ip, X_SIZEOF_FLOAT);
data/harp-1.12/netcdf/ncx.c:1399:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(ip, xp, sizeof(double));
data/harp-1.12/netcdf/ncx.c:1409:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, ip, X_SIZEOF_DOUBLE);
data/harp-1.12/netcdf/ncx.c:1979:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:1987:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:2071:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:2085:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:2185:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:2194:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:2294:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:2299:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2314:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:2319:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2347:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2376:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2405:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2434:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2463:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:2515:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems * sizeof(short));
data/harp-1.12/netcdf/ncx.c:2805:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems * X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:2917:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:2942:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:2967:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:2992:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:3017:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:3042:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:3067:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, nada, X_SIZEOF_SHORT);
data/harp-1.12/netcdf/ncx.c:3136:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems * sizeof(int));
data/harp-1.12/netcdf/ncx.c:3168:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems * sizeof(long));
data/harp-1.12/netcdf/ncx.c:3286:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems * X_SIZEOF_INT);
data/harp-1.12/netcdf/ncx.c:3318:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems * X_SIZEOF_INT);
data/harp-1.12/netcdf/ncx.c:3473:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems * sizeof(float));
data/harp-1.12/netcdf/ncx.c:3679:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems * X_SIZEOF_FLOAT);
data/harp-1.12/netcdf/ncx.c:3904:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems * sizeof(double));
data/harp-1.12/netcdf/ncx.c:4106:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems * X_SIZEOF_DOUBLE);
data/harp-1.12/netcdf/ncx.c:4228:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:4242:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:4252:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:4267:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:4272:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, nada, rndup);
data/harp-1.12/netcdf/ncx.c:4286:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:4300:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(tp, *xpp, nelems);
data/harp-1.12/netcdf/ncx.c:4310:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:4325:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, tp, nelems);
data/harp-1.12/netcdf/ncx.c:4330:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*xpp, nada, rndup);
data/harp-1.12/netcdf/posixio.c:490:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(pxp->bf_base, middle, pxp->bf_cnt);
data/harp-1.12/netcdf/posixio.c:543:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(middle, pxp->bf_base, pxp->blksz);
data/harp-1.12/netcdf/posixio.c:690:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(pxp->slave->bf_base, pxp->bf_base,
data/harp-1.12/netcdf/posixio.c:708:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(dest, src, nbytes);
data/harp-1.12/netcdf/posixio.c:1466:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, oflags, NC_DEFAULT_CREAT_MODE, "ctx=stm");
data/harp-1.12/netcdf/posixio.c:1469:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, oflags, NC_DEFAULT_CREAT_MODE);
data/harp-1.12/netcdf/posixio.c:1595:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, oflags, 0, "ctx=stm");
data/harp-1.12/netcdf/posixio.c:1597:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, oflags, 0);
data/harp-1.12/netcdf/putget.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fillp[NFILL * sizeof(double)/X_SIZEOF_CHAR];
data/harp-1.12/netcdf/putget.c:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xfillp[NFILL * X_SIZEOF_DOUBLE];
data/harp-1.12/netcdf/putget.c:288:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(cp, (*attrpp)->xvalue, step);
data/harp-1.12/netcdf/putget.c:365:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, xfillp, xsz);
data/harp-1.12/netcdf/putget.c:375:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(xp, xfillp, rem);
data/harp-1.12/netcdf/putget.c:4285:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(outxp, inxp, extent);
data/harp-1.12/netcdf/putget.c:5066:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5173:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5279:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5385:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5491:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5597:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5703:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5809:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:5912:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6013:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6113:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6213:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6313:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6413:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6513:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:6613:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, start, varp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/putget.c:11157:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(coord, invp->shape, invp->ndims * sizeof(size_t));
data/harp-1.12/netcdf/string.c:275:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(ncstrp->cp, str, slen);
data/harp-1.12/netcdf/v1hpg.c:580:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(psp->pos, value, nbytes);
data/harp-1.12/netcdf/v1hpg.c:638:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(value, gsp->pos, nget);
data/harp-1.12/netcdf/var.c:104:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(varp->dimids, dimids, ndims * sizeof(int));
data/harp-1.12/netcdf/var.c:125:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(varp->shape, rvarp->shape,
data/harp-1.12/netcdf/var.c:127:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(varp->dsizes, rvarp->dsizes,
data/harp-1.12/strdup.c:23:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_str, str, length);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:159:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(criterium->variable_name, variable_name, variable_name_length);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:187:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(criterium->unit, unit, unit_length);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:752:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(info->collocation_result->difference_variable_name[i], "_diff");
data/harp-1.12/tools/harpconvert/harpconvert.c:172:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (harp_set_option_hdf5_compression(atoi(argv[i + 1])) != 0)
data/harp-1.12/tools/harpmerge/harpmerge.c:232:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (harp_set_option_hdf5_compression(atoi(argv[i + 1])) != 0)
data/harp-1.12/udunits2/converter.c:911:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpBuf[132];
data/harp-1.12/udunits2/formatter.c:1202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char refSpec[512];
data/harp-1.12/udunits2/udunits2.h:29:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#ifndef open
data/harp-1.12/udunits2/udunits2.h:30:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open _open
data/harp-1.12/udunits2/unitcore.c:959:44: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
productUnit->indexes = memcpy(newIndexes, indexes, nbytes);
data/harp-1.12/udunits2/unitcore.c:960:43: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
productUnit->powers = memcpy(newPowers, powers, nbytes);
data/harp-1.12/udunits2/unitcore.c:1305:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/harp-1.12/udunits2/xml.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char singular[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plural[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char latin1[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char latin1Nbsp[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8Nbsp[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:116:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[NAME_SIZE];
data/harp-1.12/udunits2/xml.c:145:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void)strcpy(buf+length-1, "ies");
data/harp-1.12/udunits2/xml.c:153:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void)strcpy(buf+length, "es");
data/harp-1.12/udunits2/xml.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/harp-1.12/udunits2/xml.c:717:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/harp-1.12/udunits2/xml.c:1805:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_XOPEN_PATH_MAX];
data/harp-1.12/udunits2/xml.c:2011:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.fd = open(path, O_RDONLY);
data/harp-1.12/udunits2/xml.c:2028:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ]; /* from <stdio.h> */
data/harp-1.12/udunits2/xml.c:2092:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[_XOPEN_PATH_MAX];
data/harp-1.12/udunits2/xml.c:2095:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE+1]; // Will have trailing colon
data/harp-1.12/udunits2/xml.c:2096:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[_MAX_DIR+1]; // Will have trailing backslash
data/harp-1.12/udunits2/xml.c:2104:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[_XOPEN_PATH_MAX];
data/harp-1.12/expat/loadlibrary.c:116:28: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t filenamelen = _tcslen(filename);
data/harp-1.12/expat/loadlibrary.c:120:24: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_tcscpy(path + _tcslen(path), TEXT("\\"));
data/harp-1.12/expat/loadlibrary.c:121:24: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_tcscpy(path + _tcslen(path), filename);
data/harp-1.12/expat/xmlparse.c:730:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const ssize_t bytesWrittenMore = read(fd, currentTarget, bytesToWrite);
data/harp-1.12/idl/harp_idl.c:421:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
field_name_length = (int)strlen(variable->name);
data/harp-1.12/libharp/harp-area-mask.c:348:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long length = (long)strlen(line);
data/harp-1.12/libharp/harp-binning.c:60:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long variable_name_length = (long)strlen(variable->name);
data/harp-1.12/libharp/harp-binning.c:3099:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/harp-1.12/libharp/harp-chemistry.c:226:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(chemical_species_names[i]);
data/harp-1.12/libharp/harp-collocation.c:796:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(line);
data/harp-1.12/libharp/harp-collocation.c:898:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (long)strlen(line);
data/harp-1.12/libharp/harp-dataset.c:202:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long length = (long)strlen(line);
data/harp-1.12/libharp/harp-dataset.c:261:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long length = (long)strlen(line);
data/harp-1.12/libharp/harp-dataset.c:313:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pattern = malloc(strlen(pathname) + 4 + 1);
data/harp-1.12/libharp/harp-dataset.c:317:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(pathname) + 4 + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-dataset.c:342:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filepath = malloc(strlen(pathname) + 1 + strlen(FileData.cFileName) + 1);
data/harp-1.12/libharp/harp-dataset.c:342:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filepath = malloc(strlen(pathname) + 1 + strlen(FileData.cFileName) + 1);
data/harp-1.12/libharp/harp-dataset.c:346:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(pathname) + 1 + strlen(FileData.cFileName) + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-dataset.c:346:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(pathname) + 1 + strlen(FileData.cFileName) + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-dataset.c:400:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filepath = malloc(strlen(pathname) + 1 + strlen(dp->d_name) + 1);
data/harp-1.12/libharp/harp-dataset.c:400:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filepath = malloc(strlen(pathname) + 1 + strlen(dp->d_name) + 1);
data/harp-1.12/libharp/harp-dataset.c:404:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(pathname) + 1 + strlen(dp->d_name) + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-dataset.c:404:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(pathname) + 1 + strlen(dp->d_name) + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-dataset.c:577:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long length = (long)strlen(path);
data/harp-1.12/libharp/harp-dataset.c:911:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (long)strlen(line);
data/harp-1.12/libharp/harp-derived-variable.c:108:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dimsvar_name = malloc(HARP_MAX_NUM_DIMS + strlen(variable_name) + 1);
data/harp-1.12/libharp/harp-derived-variable.c:112:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HARP_MAX_NUM_DIMS + strlen(variable_name) + 1, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-errno.c:192:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current_length = strlen(harp_error_message_buffer);
data/harp-1.12/libharp/harp-hdf4.c:991:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SDsetattr(obj_id, name, DFNT_CHAR, (int32_t)strlen(data), data) != 0)
data/harp-1.12/libharp/harp-hdf4.c:1049:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += (int)strlen(get_dimension_type_name(dimension_type[i]));
data/harp-1.12/libharp/harp-hdf4.c:1073:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dimension_str, ",");
data/harp-1.12/libharp/harp-hdf5.c:318:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = malloc(strlen(variable->name) + 16);
data/harp-1.12/libharp/harp-hdf5.c:322:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(variable->name) + 16, __FILE__, __LINE__);
data/harp-1.12/libharp/harp-hdf5.c:1575:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(data) == 0)
data/harp-1.12/libharp/harp-hdf5.c:1598:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (H5Tset_size(data_type_id, strlen(data)) < 0)
data/harp-1.12/libharp/harp-ingest-cci_l3_cloud.c:135:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(field_name, "/");
data/harp-1.12/libharp/harp-ingest-geoms-pandora.c:350:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(template_name);
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:428:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(swath_name + strlen(swath_name) - 7, "GEO_All") == 0)
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:432:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strcmp(swath_name + strlen(swath_name) - 6, "IP_All") == 0) ||
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_profiles_l2.c:433:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strcmp(swath_name + strlen(swath_name) - 7, "EDR_All") == 0))
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_totals_l2.c:350:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(swath_name + strlen(swath_name) - 7, "GEO_All") == 0)
data/harp-1.12/libharp/harp-ingest-npp-suomi-omps_totals_l2.c:354:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(swath_name + strlen(swath_name) - 7, "EDR_All") == 0)
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:623:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strcmp(swath_name + strlen(swath_name) - 7, "GEO_All") == 0) ||
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:624:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strcmp(swath_name + strlen(swath_name) - 10, "GEO_TC_All") == 0))
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:631:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(swath_name + strlen(swath_name) - strlen(viirs_swath_name_ends[i]), viirs_swath_name_ends[i]) ==
data/harp-1.12/libharp/harp-ingest-npp-suomi-viirs_l2.c:631:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(swath_name + strlen(swath_name) - strlen(viirs_swath_name_ends[i]), viirs_swath_name_ends[i]) ==
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:207:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_length = strlen(str);
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:208:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
suffix_length = strlen(suffix);
data/harp-1.12/libharp/harp-ingest-s5p_l2.c:490:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(product_name) != 83)
data/harp-1.12/libharp/harp-ingestion-doc.c:136:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnputc((long)strlen(product_definition->name), '=', fout);
data/harp-1.12/libharp/harp-ingestion-doc.c:191:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(variable_definition->unit) > 0)
data/harp-1.12/libharp/harp-ingestion-doc.c:306:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[1] = max(column_width[1], (int)strlen("*available*"));
data/harp-1.12/libharp/harp-ingestion-doc.c:307:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[2] = max(column_width[2], (int)strlen("optional"));
data/harp-1.12/libharp/harp-ingestion-doc.c:316:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[1] = max(column_width[1], (int)strlen("*condition*"));
data/harp-1.12/libharp/harp-ingestion-doc.c:325:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[2] = max(column_width[2], (int)strlen(mapping->ingestion_option));
data/harp-1.12/libharp/harp-ingestion-doc.c:329:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[2] = max(column_width[2], (int)strlen(mapping->condition));
data/harp-1.12/libharp/harp-ingestion-doc.c:334:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[1] = max(column_width[1], (int)strlen("*path*"));
data/harp-1.12/libharp/harp-ingestion-doc.c:339:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[1] = max(column_width[1], (int)strlen("*description*"));
data/harp-1.12/libharp/harp-ingestion-doc.c:340:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[2] = max(column_width[2], (int)strlen(mapping->description));
data/harp-1.12/libharp/harp-ingestion-doc.c:350:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
column_width[0] = max(column_width[0], (int)strlen("field name"));
data/harp-1.12/libharp/harp-ingestion-doc.c:351:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
span_width = max((int)strlen("mapping description"), column_width[1] + 3 + column_width[2]);
data/harp-1.12/libharp/harp-ingestion-doc.c:524:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnputc((long)strlen(product_group) + 9, '-', fout);
data/harp-1.12/libharp/harp-ingestion-doc.c:585:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fnputc((long)strlen(module->name), '^', fout);
data/harp-1.12/libharp/harp-ingestion-module.c:1077:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (long)strlen(product_definition->mapping_description) + strlen(mapping_description) + 1;
data/harp-1.12/libharp/harp-ingestion-module.c:1077:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (long)strlen(product_definition->mapping_description) + strlen(mapping_description) + 1;
data/harp-1.12/libharp/harp-netcdf.c:108:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (sscanf(str, "independent_%ld%n", &length, &num_consumed) == 1 && (size_t)num_consumed == strlen(str))
data/harp-1.12/libharp/harp-netcdf.c:112:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (sscanf(str, "string_%ld%n", &length, &num_consumed) == 1 && (size_t)num_consumed == strlen(str))
data/harp-1.12/libharp/harp-netcdf.c:1064:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = nc_put_att_text(ncid, varid, name, strlen(data), data);
data/harp-1.12/libharp/harp-product.c:71:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(argv[i]);
data/harp-1.12/libharp/harp-product.c:109:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(arguments, "'");
data/harp-1.12/libharp/harp-product.c:111:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(arguments, "'");
data/harp-1.12/libharp/harp-product.c:119:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(arguments, " ");
data/harp-1.12/libharp/harp-product.c:757:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(product->source_product);
data/harp-1.12/libharp/harp-product.c:761:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(product->history);
data/harp-1.12/libharp/harp-product.c:774:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(variable->description);
data/harp-1.12/libharp/harp-product.c:778:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(variable->unit);
data/harp-1.12/libharp/harp-product.c:940:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(variable->name);
data/harp-1.12/libharp/harp-product.c:998:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(variable->name);
data/harp-1.12/libharp/harp-product.c:1658:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = 30 + strlen(HARP_VERSION);
data/harp-1.12/libharp/harp-product.c:1660:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(executable) + 1 + strlen(arguments);
data/harp-1.12/libharp/harp-product.c:1660:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(executable) + 1 + strlen(arguments);
data/harp-1.12/libharp/harp-product.c:1664:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(product->history) + 1;
data/harp-1.12/libharp/harp-product.c:1680:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, "\n");
data/harp-1.12/libharp/harp-product.c:1684:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buffer[strlen(buffer)], "%04d-%02d-%02dT%02d:%02d:%02dZ [harp-%s] ", tmnow->tm_year + 1900,
data/harp-1.12/libharp/harp-product.c:1687:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, " ");
data/harp-1.12/libharp/harp-regrid.c:273:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bounds_name = malloc(strlen(grid->name) + 7 + 1);
data/harp-1.12/libharp/harp-utils.c:193:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int filename_length = (int)strlen(filename);
data/harp-1.12/libharp/harp-utils.c:226:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_component_length = (int)strlen(path_component);
data/harp-1.12/libharp/harp-utils.c:278:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
initialpath_length = (int)strlen(initialpath);
data/harp-1.12/libharp/harp-utils.c:279:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
appendpath_length = (appendpath == NULL ? 0 : (int)strlen(appendpath));
data/harp-1.12/libharp/harp-utils.c:359:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int argv0_length = (int)strlen(argv0);
data/harp-1.12/libharp/harp-utils.c:1086:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long length = (long)strlen(string_data[i]);
data/harp-1.12/libharp/harp-utils.c:1144:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(&buffer[i * length], string_data[i], strlen(string_data[i]));
data/harp-1.12/libharp/harp-variable.c:208:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += (int)strlen(variable->enum_name[i]);
data/harp-1.12/libharp/harp-variable.c:223:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += (int)strlen(variable->enum_name[i]);
data/harp-1.12/libharp/harp.c:128:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buffer, statbuf.st_size < DETECTION_BLOCK_SIZE ? (size_t)statbuf.st_size : DETECTION_BLOCK_SIZE)
data/harp-1.12/matlab/harp_matlab.c:172:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
format = (char *)mxCalloc(strlen("netcdf") + 1, sizeof(char));
data/harp-1.12/netcdf/attr.c:110:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strp = new_NC_string(strlen(name), name);
data/harp-1.12/netcdf/attr.c:342:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(name);
data/harp-1.12/netcdf/attr.c:346:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen((*attrpp)->name->cp) == slen &&
data/harp-1.12/netcdf/attr.c:412:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, attrp->name->cp, attrp->name->nchars);
data/harp-1.12/netcdf/attr.c:546:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newStr = new_NC_string(strlen(newname), newname);
data/harp-1.12/netcdf/attr.c:695:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(name);
data/harp-1.12/netcdf/dim.c:59:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strp = new_NC_string(strlen(name), name);
data/harp-1.12/netcdf/dim.c:145:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(name);
data/harp-1.12/netcdf/dim.c:148:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen((*loc)->name->cp) != slen
data/harp-1.12/netcdf/dim.c:420:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(name, dimp->name->cp,
data/harp-1.12/netcdf/dim.c:452:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(name, dimp->name->cp,
data/harp-1.12/netcdf/dim.c:521:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
NC_string *newStr = new_NC_string(strlen(newname), newname);
data/harp-1.12/netcdf/posixio.c:262:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(nciop->fd, vp, extent);
data/harp-1.12/netcdf/posixio.c:1372:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz_path = M_RNDUP(strlen(path) +1);
data/harp-1.12/netcdf/string.c:248:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(ncstrp->cp, str, ncstrp->nchars +1);
data/harp-1.12/netcdf/string.c:270:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str);
data/harp-1.12/netcdf/utf8proc.c:117:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8_t *str, ssize_t strlen, int32_t *dst
data/harp-1.12/netcdf/utf8proc.c:123:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen) return 0;
data/harp-1.12/netcdf/utf8proc.c:126:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen >= 0 && length > strlen) return UTF8PROC_ERROR_INVALIDUTF8;
data/harp-1.12/netcdf/utf8proc.c:126:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen >= 0 && length > strlen) return UTF8PROC_ERROR_INVALIDUTF8;
data/harp-1.12/netcdf/utf8proc.c:352:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8_t *str, ssize_t strlen,
data/harp-1.12/netcdf/utf8proc.c:376:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rpos >= strlen) break;
data/harp-1.12/netcdf/utf8proc.c:529:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8_t *str, ssize_t strlen, uint8_t **dstptr, int options
data/harp-1.12/netcdf/utf8proc.c:534:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = utf8proc_decompose(str, strlen, NULL, 0, options);
data/harp-1.12/netcdf/utf8proc.c:538:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = utf8proc_decompose(str, strlen, buffer, result, options);
data/harp-1.12/netcdf/utf8proc.h:251:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssize_t utf8proc_iterate(const uint8_t *str, ssize_t strlen, int32_t *dst);
data/harp-1.12/netcdf/utf8proc.h:316:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8_t *str, ssize_t strlen,
data/harp-1.12/netcdf/utf8proc.h:357:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint8_t *str, ssize_t strlen, uint8_t **dstptr, int options
data/harp-1.12/netcdf/var.c:89:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strp = new_NC_string(strlen(name), name);
data/harp-1.12/netcdf/var.c:319:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(name);
data/harp-1.12/netcdf/var.c:323:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen((*loc)->name->cp) == slen &&
data/harp-1.12/netcdf/var.c:622:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, varp->name->cp, varp->name->nchars);
data/harp-1.12/netcdf/var.c:665:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, varp->name->cp, varp->name->nchars);
data/harp-1.12/netcdf/var.c:814:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newStr = new_NC_string(strlen(newname),newname);
data/harp-1.12/strdup.c:17:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(str);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:167:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unit_length = (int)strlen(HARP_UNIT_TIME);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:172:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unit_length = (int)strlen(HARP_UNIT_LENGTH);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:548:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (collocation_info_add_criterium(info, (int)strlen(info->nearest_neighbour_x_variable_name),
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:569:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (collocation_info_add_criterium(info, (int)strlen(info->nearest_neighbour_y_variable_name),
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:744:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(info->criterium[i]->variable_name) + 9);
data/harp-1.12/tools/harpcollocate/harpcollocate-matchup.c:748:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)(strlen(info->criterium[i]->variable_name) + 9), __FILE__, __LINE__);
data/harp-1.12/tools/harpcollocate/harpcollocate-resample.c:98:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long variable_name_length = (long)strlen(variable_name);
data/harp-1.12/tools/harpcollocate/harpcollocate-resample.c:103:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long difference_name_length = (long)strlen(collocation_result->difference_variable_name[i]);
data/harp-1.12/udunits2/converter.c:120:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(string[0] != '(' || string[strlen(string)-1] != ')');
data/harp-1.12/udunits2/converter.c:922:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(tmpBuf, buf, sizeof(tmpBuf));
data/harp-1.12/udunits2/formatter.c:815:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
(void)strncpy(formatPar->buf, "1", formatPar->size);
data/harp-1.12/udunits2/prefix.c:158:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(id);
data/harp-1.12/udunits2/prefix.c:217:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (string != NULL && map != NULL && strlen(string) > 0) {
data/harp-1.12/udunits2/prefix.c:218:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
data/harp-1.12/udunits2/prefix.c:284:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (prefix == NULL || strlen(prefix) == 0) {
data/harp-1.12/udunits2/prefix.c:428:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (string == NULL || strlen(string) == 0) {
data/harp-1.12/udunits2/udunits2.h:26:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#ifndef read
data/harp-1.12/udunits2/udunits2.h:27:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read _read
data/harp-1.12/udunits2/xml.c:120:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(singular);
data/harp-1.12/udunits2/xml.c:131:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
(void)strcpy(buf+length, "s");
data/harp-1.12/udunits2/xml.c:142:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
(void)strcpy(buf+length, "s");
data/harp-1.12/udunits2/xml.c:156:10: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
(void)strcpy(buf+length, "s");
data/harp-1.12/udunits2/xml.c:194:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strLen = strlen(str);
data/harp-1.12/udunits2/xml.c:195:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t replLen = strlen(repl);
data/harp-1.12/udunits2/xml.c:202:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nbytes = strlen(in);
data/harp-1.12/udunits2/xml.c:210:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(out, in, nbytes);
data/harp-1.12/udunits2/xml.c:225:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(out, in, nbytes);
data/harp-1.12/udunits2/xml.c:229:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(out, repl, replLen);
data/harp-1.12/udunits2/xml.c:471:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(id) > NAME_SIZE - 1) {
data/harp-1.12/udunits2/xml.c:1554:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(currFile->singular, text, NAME_SIZE);
data/harp-1.12/udunits2/xml.c:1605:15: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(currFile->plural, text, NAME_SIZE);
data/harp-1.12/udunits2/xml.c:2030:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nbytes = read(file.fd, buf, sizeof(buf));
data/harp-1.12/udunits2/xml.c:2105:19: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(tmp, path, sizeof(tmp));
ANALYSIS SUMMARY:
Hits = 992
Lines analyzed = 209723 in approximately 6.46 seconds (32450 lines/second)
Physical Source Lines of Code (SLOC) = 164933
Hits@level = [0] 899 [1] 165 [2] 586 [3] 20 [4] 221 [5] 0
Hits@level+ = [0+] 1891 [1+] 992 [2+] 827 [3+] 241 [4+] 221 [5+] 0
Hits/KSLOC@level+ = [0+] 11.4653 [1+] 6.01456 [2+] 5.01416 [3+] 1.4612 [4+] 1.33994 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.